You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
If you are reporting any crash or any potential security issue, do not
open an issue in this repo. Please report the issue via emailing envoy-security@googlegroups.com where the issue will be triaged appropriately.
Title: One line description
Description:
Describe the issue.
how is csrf filter work,where is the token optional Relevant Links:]
Any extra documentation required to understand the issue.
The text was updated successfully, but these errors were encountered:
The Envoy CSRF filter does not use a token pattern but instead uses an origin-based one. You can read more on the possible mitigation patterns and why we chose to rely on the origin as well as implementation details in the description of the original PR #6470 :)
If you are reporting any crash or any potential security issue, do not
open an issue in this repo. Please report the issue via emailing
envoy-security@googlegroups.com where the issue will be triaged appropriately.
Title: One line description
Description:
The text was updated successfully, but these errors were encountered: