Proto: csrf_policy.proto

Package: security.policy.gloo.solo.io



Field Description
workspaces (repeated CSRFPolicyReport.WorkspacesEntry)

selectedRoutes (repeated common.gloo.solo.io.RouteReference)

Routes selected by the policy


Field Description
key (string)

value (common.gloo.solo.io.Report)


CSRFPolicy is used to set safeguard to prevent CSRF (cross-site request forgery) attacks in requests matching selected routes. CSRFPolicies are applied at the Route level.

Field Description
applyToRoutes (repeated common.gloo.solo.io.RouteSelector)

select the routes where the policy will be applied if left empty, will apply to all routes in the workspace.
config (CSRFPolicySpec.Config)

The details of the CSRF policy to apply to the selected routes.


Field Description
filterEnabled (bool)

Specifies that CSRF policies will be evaluated, tracked and enforced.
shadowEnabled (bool)

Specifies that CSRF policies will be evaluated and tracked, but not enforced.
This is intended to be used when filter_enabled is false and will be ignored otherwise.
percentage (google.protobuf.DoubleValue)

Specifies the % of requests for which the CSRF filter is enabled or when shadow mode is enabled the % of requests evaluated and tracked, but not enforced.
If filter_enabled or shadow_enabled is true. Envoy will lookup the runtime key to get the percentage of requests to filter.
.. note:: This field defaults to 100 For information about the value format, see the Google protocol buffer documentation.
additionalOrigins (repeated common.gloo.solo.io.StringMatch)

Specifies additional source origins that will be allowed in addition to the destination origin.


reflects the status of the CSRFPolicy

Field Description
common (common.gloo.solo.io.Status)

numSelectedRoutes (uint32)

Count of routes selected by the policy