-
Notifications
You must be signed in to change notification settings - Fork 169
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add Referrer filter option #414
Comments
I believe this is something that could be solved by a policy in the next release. |
Adding to 3.3 milestone as agreed with @andrewdavidmackenzie |
Is a P2 priority at the moment for 3scale/Red Hat, but seemed an easy one. |
@mikz I'm not sure this should be implemented as a new policy. It would need to be combined with the If I understood this correctly, we just need to optionally add a new param to the |
@davidor The only way to make this policy would be to have some generic way for policies to add params to the authrep call: https://github.com/3scale/apicast/blob/7b06e3ed8fcce3fd6aecdb41eb216ffc9f73d56e/gateway/src/apicast/proxy.lua#L139 I think we should try to make everything possible with policies even though it might be more straightforward as a flag, just because it will enable more flexibility for other customizations. |
In my opinion, implementing a generic way to allow policies to add params to the backend calls is more valuable than having this implemented as a policy. But we need the former to achieve the latter, so ok, let's give it a go and see how it looks. |
3scale SAAS and on-prem product supports Referrer filter. https://support.3scale.net/docs/api-authentication/authentication-patterns. We had the option to enable referrer filter on old nginx files https://support.3scale.net/codehub/referer-filter-nginx.
With the recent development of apicast, there is a need to have this option available as an env variable.
Todo.
APICAST_REFERRER_FILTER
valuetrue|false
https://github.com/3scale/apicast/blob/57790a667b6b6a035ce1ef6c17d3a6637095fd94/apicast/conf.d/apicast.conf#L19
with
The text was updated successfully, but these errors were encountered: