envoyproxy/gateway

Allow for non http(s) schemes in securityPolicy

Open

#9,014 建立於 2026年5月16日

在 GitHub 查看
 (4 留言) (0 反應) (0 負責人)Go (802 fork)auto 404
help wanted

倉庫指標

Star
 (2,871 star)
PR 合併指標
 (PR 指標待抓取)

描述

The current SecurityPolicy CRD restricts the CORS filter's allowed origins to http(s) schemes only.

Is this intentional in order to conform with the HTTPRoute CORS definition?

I think it would be reasonable to allow non-HTTP(S) schemes here as well. The use case is admittedly niche, and anyone who really needs this could locally patch the CRD and move on, but I cannot think of any rationale for this restriction to begin with.

貢獻者指南