What type of traffic does a WAF typically parse?

A Web Application Firewall (WAF) is specifically designed to monitor and filter HTTP and HTTPS traffic to and from a web application. Its primary function is to protect web applications by inspecting traffic at the application layer (Layer 7 of the OSI model). This means it analyzes incoming requests and outgoing responses, allowing it to detect and prevent various types of attacks, such as SQL injection, cross-site scripting (XSS), and other common web application vulnerabilities.

While WAFs can have the capability to inspect different types of payloads, including XML for certain web services or specific formats like REST and SOAP, the core functionality and standard usage of a WAF revolves around HTTP traffic. This is because web applications predominantly operate over HTTP/HTTPS protocols, making this the essential type of traffic that WAFs are designed to handle and protect.

Other options, while relevant in certain contexts of web application development and security, do not encapsulate the primary focus and functionality of a WAF as clearly as HTTP does. Thus, HTTP is recognized as the correct type of traffic typically parsed by a WAF.