Plugin to use to filter requests based on header value

Robert_Metcalf · May 29, 2019, 9:06am

To protect my API I want to filter requests going to an API by the values in the Origin header.

(I understand this can’t be spoofed in a browser)

I thought that it was pretty simple and there must be a Kong plugin for that

I have checked through all the plugins and I can’t find one. Can anyone point me in the right direction?
Thanks
Robert

hbagdi · June 4, 2019, 4:00pm

You can use the CORS plugin to disallow any traffic that doesn’t your Origins policy.

kayaman · June 6, 2019, 8:06pm

Hi @Robert_Metcalf! Besides the security concerns, you can write a plugin to do that, very easy. Take a look at my Github, I have something similar (abandoned): https://github.com/kayaman/kong-plugin-x-country
It would be a pleasure to help, if you need.

Topic		Replies	Views
CORS plugin: how does it know if it's a string or a regex? Questions	1	1548	August 17, 2020
Cross-origin Resource Sharing (CORS) Plugin Questions	0	362	November 28, 2017
Setup Cors Plugin in Route Installation/Setup	1	726	April 14, 2020
Rate Limiting Based on Custom Header Questions	3	681	March 16, 2022
Request Transformer Plugin Questions	9	2033	May 25, 2023

Plugin to use to filter requests based on header value

Related Topics