package envoy.extensions.filters.http.csrf.v3

Get desktop application:
View/edit binary Protocol Buffers messages

CSRF filter config.

• optional config.core.v3.RuntimeFractionalPercent filter_enabled = 1

  Specifies the % of requests for which the CSRF filter is enabled. If :ref:`runtime_key <envoy_v3_api_field_config.core.v3.RuntimeFractionalPercent.runtime_key>` is specified, Envoy will lookup the runtime key to get the percentage of requests to filter. .. note:: This field defaults to 100/:ref:`HUNDRED <envoy_v3_api_enum_type.v3.FractionalPercent.DenominatorType>`.

• optional config.core.v3.RuntimeFractionalPercent shadow_enabled = 2

  Specifies that CSRF policies will be evaluated and tracked, but not enforced. This is intended to be used when ``filter_enabled`` is off and will be ignored otherwise. If :ref:`runtime_key <envoy_v3_api_field_config.core.v3.RuntimeFractionalPercent.runtime_key>` is specified, Envoy will lookup the runtime key to get the percentage of requests for which it will evaluate and track the request's ``Origin`` and ``Destination`` to determine if it's valid, but will not enforce any policies.

• repeated type.matcher.v3.StringMatcher additional_origins = 3

  Specifies additional source origins that will be allowed in addition to the destination origin. More information on how this can be configured via runtime can be found :ref:`here <csrf-configuration>`.