Proto: csrf_policy.proto

Package: security.policy.gloo.solo.io



Field Description
workspaces (repeated CSRFPolicyReport.WorkspacesEntry)

A list of workspaces in which the policy can apply to workloads.
selectedRoutes (repeated common.gloo.solo.io.RouteReference)

Routes selected by the policy


Field Description
key (string)

value (common.gloo.solo.io.Report)


CSRFPolicy is used to set safeguard to prevent CSRF (cross-site request forgery) attacks in requests matching selected routes. CSRFPolicies are applied at the Route level.

Field Description
applyToRoutes (repeated common.gloo.solo.io.RouteSelector)

Routes to apply the policy to. If empty, the policy applies to all workloads in the workspace.
config (CSRFPolicySpec.Config)

The details of the CSRF policy to apply to the selected routes.


Field Description
filterEnabled (bool)

Specifies that CSRF policies will be evaluated, tracked and enforced.
shadowEnabled (bool)

Specifies that CSRF policies will be evaluated and tracked, but not enforced.
This is intended to be used when filter_enabled is false and will be ignored otherwise.
percentage (google.protobuf.DoubleValue)

Specifies the % of requests for which the CSRF filter is enabled or when shadow mode is enabled the % of requests evaluated and tracked, but not enforced.
If filter_enabled or shadow_enabled is true. Envoy will lookup the runtime key to get the percentage of requests to filter.
.. note:: This field defaults to 100 For information about the value format, see the Google protocol buffer documentation.
additionalOrigins (repeated common.gloo.solo.io.StringMatch)

Specifies additional source origins that will be allowed in addition to the destination origin.


The status of the policy after it is applied to your Gloo environment.

Field Description
common (common.gloo.solo.io.Status)

The state and workspace conditions of the applied resource.
numSelectedRoutes (uint32)

Count of routes selected by the policy