Signed HTTP Exchange Filter (proto)

This extension has the qualified name envoy.filters.http.sxg


This extension is only available in contrib images.


This extension is functional but has not had substantial production burn time, use only with this caveat.

This extension is intended to be robust against untrusted downstream traffic. It assumes that the upstream is trusted.


This extension extends and can be used with the following extension category:


This API feature is currently work-in-progress. API features marked as work-in-progress are not considered stable, are not covered by the threat model, are not supported by the security team, and are subject to breaking changes. Do not use this feature without understanding each of the previous points.

SXG configuration overview.


[extensions.filters.http.sxg.v3alpha.SXG proto]

  "certificate": {...},
  "private_key": {...},
  "duration": {...},
  "mi_record_size": ...,
  "cbor_url": ...,
  "validity_url": ...,
  "client_can_accept_sxg_header": ...,
  "should_encode_sxg_header": ...,
  "header_prefix_filters": []

(extensions.transport_sockets.tls.v3.SdsSecretConfig) The SDS configuration for the public key data for the SSL certificate that will be used to sign the SXG response.


(extensions.transport_sockets.tls.v3.SdsSecretConfig) The SDS configuration for the private key data for the SSL certificate that will be used to sign the SXG response.


(Duration) The duration for which the generated SXG package will be valid. Default is 604800s (7 days in seconds). Note that in order to account for clock skew, the timestamp will be backdated by a day. So, if duration is set to 7 days, that will be 7 days from 24 hours ago (6 days from now). Also note that while 6/7 days is appropriate for most content, if the downstream service is serving Javascript, or HTML with inline Javascript, 1 day (so, with backdated expiry, 2 days, or 172800 seconds) is more appropriate.


(uint64) The SXG response payload is Merkle Integrity Content Encoding (MICE) encoded (specification is [here]( This value indicates the record size in the encoded payload. The default value is 4096.


(string, REQUIRED) The URI of certificate CBOR file published. Since it is required that the certificate CBOR file be served from the same domain as the SXG document, this should be a relative URI.


(string, REQUIRED) URL to retrieve validity data for signature, a CBOR map. See specification [here](


(string) Header that will be set if it is determined that the client can accept SXG (typically accept: application/signed-exchange;v=b3) If not set, filter will default to: x-client-can-accept-sxg


(string) Header set by downstream service to signal that the response should be transformed to SXG If not set, filter will default to: x-should-encode-sxg


(repeated string) Headers that will be stripped from the SXG document, by listing a prefix (i.e. x-custom- will cause all headers prefixed by x-custom- to be omitted from the SXG document)