CSRF
Cross-Site Request Forgery configuration overview.
config.filter.http.csrf.v2.CsrfPolicy
[config.filter.http.csrf.v2.CsrfPolicy proto]
CSRF filter config.
{
  "filter_enabled": "{...}",
  "shadow_enabled": "{...}",
  "additional_origins": []
}
- filter_enabled
(core.RuntimeFractionalPercent, REQUIRED) Specifies if CSRF is enabled.
More information on how this can be controlled via runtime can be found here.
Note: This field defaults to 100/HUNDRED.
- shadow_enabled
(core.RuntimeFractionalPercent) Specifies that CSRF policies will be evaluated and tracked, but not enforced. This is intended to be used when filter_enabled is off.
More information on how this can be controlled via runtime can be found here.
Note: This field defaults to 100/HUNDRED.
- additional_origins
(type.matcher.StringMatcher) Specifies additional source origins that will be allowed in addition to the destination origin.
More information on how this can be configured via runtime can be found here.
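The three fields combined in a staged rollout, with enforcement off and shadow evaluation on. This is an added example, not taken from the Envoy documentation; the runtime key names and host names are constructed placeholders, and the matchers are assumed to be written as host names.

```yaml
http_filters:
- name: envoy.csrf
  typed_config:
    "@type": type.googleapis.com/envoy.config.filter.http.csrf.v2.CsrfPolicy
    # Enforcement off (0/HUNDRED) during rollout. Raising the numerator,
    # or overriding it through the runtime key, starts enforcing the policy.
    filter_enabled:
      default_value:
        numerator: 0
        denominator: HUNDRED
      runtime_key: csrf.rollout.enabled          # hypothetical key name
    # Shadow mode for all requests: the policy is evaluated and tracked,
    # but not enforced. Intended for use while filter_enabled is off.
    shadow_enabled:
      default_value:
        numerator: 100
        denominator: HUNDRED
      runtime_key: csrf.rollout.shadow_enabled   # hypothetical key name
    # Source origins allowed in addition to the destination origin.
    # Prefer exact matchers; a suffix matcher admits every name ending in it.
    additional_origins:
    - exact: admin.example.com                   # constructed host name
    - suffix: .partner.example.com               # constructed host name
- name: envoy.router
```

Both percentages are set explicitly because each field defaults to 100/HUNDRED. Leaving `filter_enabled` unset would not give a shadow-only deployment.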