csrf_policy.proto

Package : security.policy.gloo.solo.io

Top

csrf_policy.proto

Table of Contents

CSRFPolicySpec

CSRFPolicy is used to set safeguard to prevent CSRF (cross-site request forgery) attacks in requests matching selected routes. CSRFPolicies are applied at the Route level.

Field Type Label Description
applyToRoutes []common.gloo.solo.io.RouteSelector repeated select the routes where the policy will be applied if left empty, will apply to all routes in the workspace.
config security.policy.gloo.solo.io.CSRFPolicySpec.Config The details of the CSRF policy to apply to the selected routes.

CSRFPolicySpec.Config

Field Type Label Description
filterEnabled bool Specifies that CSRF policies will be evaluated, tracked and enforced.
shadowEnabled bool Specifies that CSRF policies will be evaluated and tracked, but not enforced.
This is intended to be used when filter_enabled is false and will be ignored otherwise.
percentage google.protobuf.DoubleValue Specifies the % of requests for which the CSRF filter is enabled or when shadow mode is enabled the % of requests evaluated and tracked, but not enforced.
If filter_enabled or shadow_enabled is true. Envoy will lookup the runtime key to get the percentage of requests to filter.
.. note:: This field defaults to 100
additionalOrigins []common.gloo.solo.io.StringMatch repeated Specifies additional source origins that will be allowed in addition to the destination origin.

CSRFPolicyStatus

reflects the status of the CSRFPolicy

Field Type Label Description
global common.gloo.solo.io.GenericGlobalStatus
workspaces []security.policy.gloo.solo.io.CSRFPolicyStatus.WorkspacesEntry repeated The status of the resource in each workspace that it exists in.
selectedRoutes []common.gloo.solo.io.RouteReference repeated Routes selected by the policy

CSRFPolicyStatus.WorkspacesEntry

Field Type Label Description
key string
value common.gloo.solo.io.WorkspaceStatus