package envoy.extensions.filters.http.cors.v3

Get desktop application:
View/edit binary Protocol Buffers messages

Cors filter config. Set this in :ref:`http_filters <envoy_v3_api_field_extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.http_filters>` to enable the CORS filter. Please note that the :ref:`CorsPolicy <envoy_v3_api_msg_extensions.filters.http.cors.v3.CorsPolicy>` must be configured in the ``RouteConfiguration`` as ``typed_per_filter_config`` at some level to make the filter work.

(message has no fields)

Per route configuration for the CORS filter. This configuration should be configured in the ``RouteConfiguration`` as ``typed_per_filter_config`` at some level to make the filter work. [#next-free-field: 11]

• repeated type.matcher.v3.StringMatcher allow_origin_string_match = 1

  Specifies string patterns that match allowed origins. An origin is allowed if any of the string matchers match.

• string allow_methods = 2

  Specifies the content for the ``access-control-allow-methods`` header.

• string allow_headers = 3

  Specifies the content for the ``access-control-allow-headers`` header.

• string expose_headers = 4

  Specifies the content for the ``access-control-expose-headers`` header.

• string max_age = 5

  Specifies the content for the ``access-control-max-age`` header.

• optional google.protobuf.BoolValue allow_credentials = 6

  Specifies whether the resource allows credentials.

• optional config.core.v3.RuntimeFractionalPercent filter_enabled = 7

  Specifies the % of requests for which the CORS filter is enabled. If neither ``filter_enabled``, nor ``shadow_enabled`` are specified, the CORS filter will be enabled for 100% of the requests. If :ref:`runtime_key <envoy_v3_api_field_config.core.v3.RuntimeFractionalPercent.runtime_key>` is specified, Envoy will lookup the runtime key to get the percentage of requests to filter.

• optional config.core.v3.RuntimeFractionalPercent shadow_enabled = 8

  Specifies the % of requests for which the CORS policies will be evaluated and tracked, but not enforced. This field is intended to be used when ``filter_enabled`` is off. That field have to explicitly disable the filter in order for this setting to take effect. If :ref:`runtime_key <envoy_v3_api_field_config.core.v3.RuntimeFractionalPercent.runtime_key>` is specified, Envoy will lookup the runtime key to get the percentage of requests for which it will evaluate and track the request's ``Origin`` to determine if it's valid but will not enforce any policies.

• optional google.protobuf.BoolValue allow_private_network_access = 9

  Specify whether allow requests whose target server's IP address is more private than that from which the request initiator was fetched. More details refer to https://developer.chrome.com/blog/private-network-access-preflight.

• optional google.protobuf.BoolValue forward_not_matching_preflights = 10

  Specifies if preflight requests not matching the configured allowed origin should be forwarded to the upstream. Default is true.