CsrfPolicy
Proto: csrf_policy.proto
Package: security.policy.gloo.solo.io
Types:
CSRFPolicySpec
CSRFPolicy is used to set safeguard to prevent CSRF (cross-site request forgery) attacks in requests matching selected routes. CSRFPolicies are applied at the Route level.
| Field | Description |
|---|---|
applyToRoutes |
(repeated common.gloo.solo.io.RouteSelector)select the routes where the policy will be applied if left empty, will apply to all routes in the workspace. |
config |
(CSRFPolicySpec.Config)The details of the CSRF policy to apply to the selected routes. |
CSRFPolicySpec.Config
| Field | Description |
|---|---|
filterEnabled |
(bool)Specifies that CSRF policies will be evaluated, tracked and enforced. |
shadowEnabled |
(bool)Specifies that CSRF policies will be evaluated and tracked, but not enforced. This is intended to be used when filter_enabled is false and will be ignored otherwise. |
percentage |
(google.protobuf.DoubleValue)Specifies the % of requests for which the CSRF filter is enabled or when shadow mode is enabled the % of requests evaluated and tracked, but not enforced. If filter_enabled or shadow_enabled is true. Envoy will lookup the runtime key to get the percentage of requests to filter. .. note:: This field defaults to 100 For information about the value format, see the Google protocol buffer documentation. |
additionalOrigins |
(repeated common.gloo.solo.io.StringMatch)Specifies additional source origins that will be allowed in addition to the destination origin. |
CSRFPolicyStatus
reflects the status of the CSRFPolicy
| Field | Description |
|---|---|
global |
(common.gloo.solo.io.GenericGlobalStatus) |
workspaces |
(repeated CSRFPolicyStatus.WorkspacesEntry)The status of the resource in each workspace that it exists in. |
selectedRoutes |
(repeated common.gloo.solo.io.RouteReference)Routes selected by the policy |
CSRFPolicyStatus.WorkspacesEntry
| Field | Description |
|---|---|
key |
(string) |
value |
(common.gloo.solo.io.WorkspaceStatus) |