From df4d897ecf6697fb54032bfb501e4f6d1b3e7d0b Mon Sep 17 00:00:00 2001 From: "data-plane-api(CircleCI)" Date: Fri, 15 Nov 2019 21:42:00 +0000 Subject: [PATCH] jwt_authn: bypass CORS preflight request (#9004) Description: Bypass the CORS preflight request in the JWT filter Risk Level: Low Testing: Added unit test and integration test Docs Changes: n/a Release Notes: Added `jwt_authn: added to bypass the CORS preflight request.` Fixes https://github.com/istio/istio/issues/16171 Signed-off-by: Yangmin Zhu Mirrored from https://github.com/envoyproxy/envoy @ a29a083d9c260422b314ef47ca264b6815e548ab --- envoy/config/filter/http/jwt_authn/v2alpha/config.proto | 5 +++++ envoy/config/filter/http/jwt_authn/v3alpha/config.proto | 5 +++++ 2 files changed, 10 insertions(+) diff --git a/envoy/config/filter/http/jwt_authn/v2alpha/config.proto b/envoy/config/filter/http/jwt_authn/v2alpha/config.proto index 2d5f656e..50105dad 100644 --- a/envoy/config/filter/http/jwt_authn/v2alpha/config.proto +++ b/envoy/config/filter/http/jwt_authn/v2alpha/config.proto @@ -465,4 +465,9 @@ message JwtAuthentication { // The *rules* field above is checked first, if it could not find any matches, // check this one. FilterStateRule filter_state_rules = 3; + + // When set to true, bypass the `CORS preflight request + // `_ regardless of JWT + // requirements specified in the rules. + bool bypass_cors_preflight = 4; } diff --git a/envoy/config/filter/http/jwt_authn/v3alpha/config.proto b/envoy/config/filter/http/jwt_authn/v3alpha/config.proto index bdabd330..4efefb37 100644 --- a/envoy/config/filter/http/jwt_authn/v3alpha/config.proto +++ b/envoy/config/filter/http/jwt_authn/v3alpha/config.proto @@ -465,4 +465,9 @@ message JwtAuthentication { // The *rules* field above is checked first, if it could not find any matches, // check this one. FilterStateRule filter_state_rules = 3; + + // When set to true, bypass the `CORS preflight request + // `_ regardless of JWT + // requirements specified in the rules. + bool bypass_cors_preflight = 4; }