jwt_authn: bypass CORS preflight request (#9004)

Description: Bypass the CORS preflight request in the JWT filter Risk Level: Low Testing: Added unit test and integration test Docs Changes: n/a Release Notes: Added `jwt_authn: added to bypass the CORS preflight request.` Fixes https://github.com/istio/istio/issues/16171 Signed-off-by: Yangmin Zhu <ymzhu@google.com> Mirrored from https://github.com/envoyproxy/envoy @ a29a083d9c260422b314ef47ca264b6815e548ab
5 years ago · df4d897ecf
parent e3ce8a9a15
commit df4d897ecf
2 changed files with 10 additions and 0 deletions
--- a/envoy/config/filter/http/jwt_authn/v2alpha/config.proto
+++ b/envoy/config/filter/http/jwt_authn/v2alpha/config.proto
@ -465,4 +465,9 @@ message JwtAuthentication {
  // The *rules* field above is checked first, if it could not find any matches,
  // check this one.
  FilterStateRule filter_state_rules = 3;
+
+  // When set to true, bypass the `CORS preflight request
+  // <http://www.w3.org/TR/cors/#cross-origin-request-with-preflight>`_ regardless of JWT
+  // requirements specified in the rules.
+  bool bypass_cors_preflight = 4;
 }
--- a/envoy/config/filter/http/jwt_authn/v3alpha/config.proto
+++ b/envoy/config/filter/http/jwt_authn/v3alpha/config.proto
@ -465,4 +465,9 @@ message JwtAuthentication {
  // The *rules* field above is checked first, if it could not find any matches,
  // check this one.
  FilterStateRule filter_state_rules = 3;
+
+  // When set to true, bypass the `CORS preflight request
+  // <http://www.w3.org/TR/cors/#cross-origin-request-with-preflight>`_ regardless of JWT
+  // requirements specified in the rules.
+  bool bypass_cors_preflight = 4;
 }