istio
/
istio.io
mirror of https://github.com/istio/istio.io.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

fix issue 37292 (#10899)

This commit is contained in:
Xiaopeng Han 2022-02-14 10:37:18 +08:00 committed by GitHub
parent e863de7b41
commit 1a3a3cd05a
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 8 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
content/en/docs/ops/configuration/traffic-management/network-topologies/index.md
View File

@ -186,14 +186,14 @@ spec:
where `ENUM_VALUE` can be of the following type.
| `ENUM_VALUE` | |
|-----------------------|--------------------------------------------------------------------------------------------------------------------------------|
| `UNDEFINED` | Field is not set. |
| `SANITIZE` | Do not send the XFCC header to the next hop. This is the default value for a gateway. |
| `FORWARD_ONLY` | When the client connection is mTLS (Mutual TLS), forward the XFCC header in the request. |
| `APPEND_FORWARD` | When the client connection is mTLS, append the client certificate information to the requests XFCC header and forward it. |
| `SANITIZE_SET` | When the client connection is mTLS, reset the XFCC header with the client certificate information and send it to the next hop. |
| `ALWAYS_FORWARD_ONLY` | Always forward the XFCC header in the request, regardless of whether the client connection is mTLS. |
| `ENUM_VALUE` | |
|-----------------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| `UNDEFINED` | Field is not set. |
| `SANITIZE` | Do not send the XFCC header to the next hop. |
| `FORWARD_ONLY` | When the client connection is mTLS (Mutual TLS), forward the XFCC header in the request. |
| `APPEND_FORWARD` | When the client connection is mTLS, append the client certificate information to the requests XFCC header and forward it. |
| `SANITIZE_SET` | When the client connection is mTLS, reset the XFCC header with the client certificate information and send it to the next hop. This is the default value for a gateway. |
| `ALWAYS_FORWARD_ONLY` | Always forward the XFCC header in the request, regardless of whether the client connection is mTLS. |
See the [Envoy documentation](https://www.envoyproxy.io/docs/envoy/latest/configuration/http/http_conn_man/headers#x-forwarded-client-cert)
for examples of using this capability.