Navigation :
Concepts
Setting up Gloo Mesh Enterprise
Configure gateways for ingress
Route requests
Control traffic with policies
Observability
Reference
-
API reference
-- access_log_policy.proto
-- access_logging.proto
-- access_policy.proto
-- accesslog.proto
-- address.proto
-- address.proto
-- address.proto
-- advanced_http.proto
-- any.proto
-- api.proto
-- approval_state.proto
-- auth_config.proto
-- authority.proto
-- authorize.proto
-- aws_lambda.proto
-- backoff.proto
-- backoff.proto
-- base.proto
-- base.proto
-- base.proto
-- ca_options.proto
-- cache.proto
-- cache_filter.proto
-- certificate_request.proto
-- collection_entry.proto
-- common.proto
-- config.proto
-- config_source.proto
-- consul_connect.proto
-- context_params.proto
-- core.proto
-- cors_policy.proto
-- csrf_policy.proto
-- cue.proto
-- custom_tag.proto
-- custom_tag.proto
-- dashboard.proto
-- deprecation.proto
-- descriptor.proto
-- descriptor.proto
-- destination_rule.proto
-- discovered_gateway.proto
-- discovery.proto
-- duration.proto
-- empty.proto
-- envoy_filter.proto
-- event_service_config.proto
-- ext.proto
-- ext_auth_policy.proto
-- ext_auth_server.proto
-- extension.proto
-- external_endpoint.proto
-- external_service.proto
-- failover_policy.proto
-- fault_injection_policy.proto
-- field_behavior.proto
-- field_mask.proto
-- gateway.proto
-- generated.proto
-- generated.proto
-- generated.proto
-- generated.proto
-- generated.proto
-- generated.proto
-- gogo.proto
-- graphql.proto
-- grpc_service.proto
-- header_manipulation.proto
-- health_check.proto
-- http.proto
-- http_matchers.proto
-- http_path.proto
-- http_uri.proto
-- http_uri.proto
-- http_uri.proto
-- issued_certificate.proto
-- json_grpc_transcoder.proto
-- jwt_policy.proto
-- kubernetes_cluster.proto
-- locality.proto
-- mesh.proto
-- metadata.proto
-- metadata.proto
-- metadata.proto
-- metrics.proto
-- migrate.proto
-- mirror_policy.proto
-- modsecurity.proto
-- nats_streaming.proto
-- number.proto
-- operator.proto
-- outlier_detection_policy.proto
-- payload.proto
-- percent.proto
-- percent.proto
-- percent.proto
-- phase.proto
-- pod_bounce_directive.proto
-- port.proto
-- protocol.proto
-- proxy_protocol.proto
-- proxy_protocol_policy.proto
-- proxylatency.proto
-- range.proto
-- range.proto
-- ratelimit.proto
-- ratelimit_client_config.proto
-- ratelimit_policy.proto
-- ratelimit_server_config.proto
-- ratelimit_server_settings.proto
-- ref.proto
-- regex.proto
-- regex.proto
-- resource.proto
-- resource_locator.proto
-- retry_timeout_policy.proto
-- root_trust_policy.proto
-- route.proto
-- route_components.proto
-- route_components.proto
-- route_table.proto
-- sanitize.proto
-- security.proto
-- selectors.proto
-- semantic_version.proto
-- semantic_version.proto
-- semantic_version.proto
-- sensitive.proto
-- service_entry.proto
-- sidecar.proto
-- socket_option.proto
-- socket_option.proto
-- socket_option.proto
-- solo-kit.proto
-- solo_jwt_authn.proto
-- solo_xff_offset_filter.proto
-- source_context.proto
-- status.proto
-- status.proto
-- string.proto
-- string.proto
-- string_match.proto
-- struct.proto
-- timestamp.proto
-- trace.proto
-- trace_config.proto
-- transformation_ee_filter.proto
-- transformation_filter.proto
-- transformation_policy.proto
-- type.proto
-- validate.proto
-- value.proto
-- vault_ca.proto
-- versioning.proto
-- virtual_destination.proto
-- virtual_gateway.proto
-- virtual_service.proto
-- waf_policy.proto
-- wasm_deployment_policy.proto
-- workload_entry.proto
-- workload_group.proto
-- workspace.proto
-- workspace_settings.proto
-- wrappers.proto
-- xds_config.proto
-- xslt_transformer.proto
-
CLI reference
-
Helm value reference
-
Version reference
- Gloo Mesh Enterprise changelog
-
Gloo Mesh Security and CVE report
Troubleshoot
Get help and support
csrf_policy.proto
Package : security.policy.gloo.solo.io
Top
csrf_policy.proto
Table of Contents
CSRFPolicySpec
CSRFPolicy is used to set safeguard to prevent CSRF (cross-site request forgery) attacks in requests matching selected routes. CSRFPolicies are applied at the Route level.
CSRFPolicySpec.Config
Field
Type
Label
Description
filterEnabled
bool
Specifies that CSRF policies will be evaluated, tracked and enforced.
shadowEnabled
bool
Specifies that CSRF policies will be evaluated and tracked, but not enforced. This is intended to be used when filter_enabled
is false and will be ignored otherwise.
percentage
google.protobuf.DoubleValue
Specifies the % of requests for which the CSRF filter is enabled or when shadow mode is enabled the % of requests evaluated and tracked, but not enforced. If filter_enabled or shadow_enabled is true. Envoy will lookup the runtime key to get the percentage of requests to filter. .. note:: This field defaults to 100
additionalOrigins
[]common.gloo.solo.io.StringMatch
repeated
Specifies additional source origins that will be allowed in addition to the destination origin.
CSRFPolicyStatus
reflects the status of the CSRFPolicy
CSRFPolicyStatus.WorkspacesEntry