Open
Description
What would you like to be added:
The ability to configure CORS policies on a HTTPRoute
Why this is needed:
CORS is needed to relax specific restrictions of SOP associated with requests sent from a web browser.
To learn more visit https://enable-cors.org/index.html
How some common data plane implementations that do this today
- Envoy - https://www.envoyproxy.io/docs/envoy/latest/configuration/http/http_filters/cors_filter
- NGINX - https://enable-cors.org/server_nginx.html
- Many more in - https://enable-cors.org/server.html
Here is an example of existing high level APIs
- Contour - https://projectcontour.io/docs/v1.21.1/config/cors/
- Istio - https://istio.io/latest/docs/reference/config/networking/virtual-service/#CorsPolicy
- Envoy Gateway - https://gateway.envoyproxy.io/latest/user/cors/
- Ingress NGINX - https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/annotations/#enable-cors
Relates to envoyproxy/gateway#567
Metadata
Assignees
Labels
Denotes an issue ready for a new contributor, according to the "help wanted" guidelines.Denotes an issue that needs help from a contributor. Must meet "help wanted" guidelines.Categorizes issue or PR as related to a new feature.PRs related to Gateway Enhancement Proposal(GEP)Important over the long term, but may not be staffed and/or may need multiple releases to complete.
Type
Projects
Status
Proposed