diff --git a/deployments/common/crds/appprotect.f5.com_appolicies.yaml b/deployments/common/crds/appprotect.f5.com_appolicies.yaml
index 9c32159a6b..abe338f87a 100644
--- a/deployments/common/crds/appprotect.f5.com_appolicies.yaml
+++ b/deployments/common/crds/appprotect.f5.com_appolicies.yaml
@@ -166,6 +166,7 @@ spec:
 - VIOL_GRPC_METHOD
 - VIOL_PARAMETER_ARRAY_VALUE
 - VIOL_PARAMETER_VALUE_REGEXP
+ - VIOL_CSRF
 - VIOL_PARAMETER_VALUE_BASE64
 - VIOL_MANDATORY_HEADER
 - VIOL_HEADER_REPEATED
@@ -386,6 +387,40 @@ spec:
 type: integer
 type: object
 type: array
+ csrf-protection:
+ properties:
+ enabled:
+ type: boolean
+ expirationTimeInSeconds:
+ pattern: disabled|\d+
+ type: string
+ sslOnly:
+ type: boolean
+ type: object
+ csrf-urls:
+ items:
+ properties:
+ $action:
+ enum:
+ - delete
+ type: string
+ enforcementAction:
+ enum:
+ - verify-origin
+ - none
+ type: string
+ method:
+ enum:
+ - GET
+ - POST
+ - any
+ type: string
+ url:
+ type: string
+ wildcardOrder:
+ type: integer
+ type: object
+ type: array
 data-guard:
 properties:
 creditCardNumbers:
@@ -618,6 +653,19 @@ spec:
 type: integer
 type: object
 type: array
+ host-names:
+ items:
+ properties:
+ $action:
+ enum:
+ - delete
+ type: string
+ includeSubdomains:
+ type: boolean
+ name:
+ type: string
+ type: object
+ type: array
 idl-files:
 items:
 properties:
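Review bot: The `pattern: disabled|\d+` on `expirationTimeInSeconds` in the `csrf-protection` hunk (`-386,6 +387,40`) is unanchored, so it only needs to match somewhere in the string, and values such as `10m` or `not-disabled` pass schema validation. Anchoring it as `pattern: '^(disabled|\d+)$'` would reject those at admission rather than, presumably, at policy compilation. The same applies to `originPort` (`pattern: any|\d+`, suggested `'^(any|\d+)$'`) in the `-1180,13 +1228,57` hunk, and to both patterns in the identical `deployments/helm-chart/crds` copy. If these CRD files are produced from an upstream schema, the change belongs in that source so the two copies stay identical.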
@@ -1180,13 +1228,57 @@ spec:
 items:
 properties:
 $action:
+ enum:
+ - delete
+ type: string
+ allowRenderingInFrames:
+ enum:
+ - never
+ - only-same
+ type: string
+ allowRenderingInFramesOnlyFrom:
 type: string
 attackSignaturesCheck:
 type: boolean
+ clickjackingProtection:
+ type: boolean
 description:
 type: string
 disallowFileUploadOfExecutables:
 type: boolean
+ html5CrossOriginRequestsEnforcement:
+ properties:
+ allowOriginsEnforcementMode:
+ enum:
+ - replace-with
+ - unmodified
+ type: string
+ checkAllowedMethods:
+ type: boolean
+ crossDomainAllowedOrigin:
+ items:
+ properties:
+ includeSubDomains:
+ type: boolean
+ originName:
+ type: string
+ originPort:
+ pattern: any|\d+
+ type: string
+ originProtocol:
+ enum:
+ - http
+ - http/https
+ - https
+ type: string
+ type: object
+ type: array
+ enforcementMode:
+ enum:
+ - disabled
+ - enforce
+ type: string
+ type: object
 isAllowed:
 type: boolean
 mandatoryBody:
@@ -1298,6 +1390,8 @@ spec:
 type: boolean
 name:
 type: string
+ operationId:
+ type: string
 positionalParameters:
 items:
 properties:
diff --git a/deployments/helm-chart/crds/appprotect.f5.com_appolicies.yaml b/deployments/helm-chart/crds/appprotect.f5.com_appolicies.yaml
index 9c32159a6b..abe338f87a 100644
--- a/deployments/helm-chart/crds/appprotect.f5.com_appolicies.yaml
+++ b/deployments/helm-chart/crds/appprotect.f5.com_appolicies.yaml
@@ -166,6 +166,7 @@ spec:
 - VIOL_GRPC_METHOD
 - VIOL_PARAMETER_ARRAY_VALUE
 - VIOL_PARAMETER_VALUE_REGEXP
+ - VIOL_CSRF
 - VIOL_PARAMETER_VALUE_BASE64
 - VIOL_MANDATORY_HEADER
 - VIOL_HEADER_REPEATED
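Review bot: Existing policies may stop validating after this CRD is applied, because the `-1180,13 +1228,57` hunk of `deployments/common/crds/appprotect.f5.com_appolicies.yaml` narrows `$action` from a free `type: string` to `enum: [delete]`. A stored object that carries any other `$action` value in this list would presumably be rejected on its next update, so this tightening should be checked against policies in use or called out in the upgrade notes. Separately, the new fields `clickjackingProtection`, `allowRenderingInFrames`, `allowRenderingInFramesOnlyFrom` and `html5CrossOriginRequestsEnforcement` carry no `description:`, and nothing in the hunk says how `allowRenderingInFramesOnlyFrom` relates to the two enum values `never` and `only-same`. A one-line `description:` on each, stating what the weaker settings (`unmodified`, `enforcementMode: disabled`) leave unenforced, would let operators read the contract from `kubectl explain`. The enclosing item schema starts and ends outside the hunk, and the `deployments/helm-chart/crds` copy carries the same change.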
@@ -386,6 +387,40 @@ spec:
 type: integer
 type: object
 type: array
+ csrf-protection:
+ properties:
+ enabled:
+ type: boolean
+ expirationTimeInSeconds:
+ pattern: disabled|\d+
+ type: string
+ sslOnly:
+ type: boolean
+ type: object
+ csrf-urls:
+ items:
+ properties:
+ $action:
+ enum:
+ - delete
+ type: string
+ enforcementAction:
+ enum:
+ - verify-origin
+ - none
+ type: string
+ method:
+ enum:
+ - GET
+ - POST
+ - any
+ type: string
+ url:
+ type: string
+ wildcardOrder:
+ type: integer
+ type: object
+ type: array
 data-guard:
 properties:
 creditCardNumbers:
@@ -618,6 +653,19 @@ spec:
 type: integer
 type: object
 type: array
+ host-names:
+ items:
+ properties:
+ $action:
+ enum:
+ - delete
+ type: string
+ includeSubdomains:
+ type: boolean
+ name:
+ type: string
+ type: object
+ type: array
 idl-files:
 items:
 properties:
@@ -1180,13 +1228,57 @@ spec:
 items:
 properties:
 $action:
+ enum:
+ - delete
+ type: string
+ allowRenderingInFrames:
+ enum:
+ - never
+ - only-same
+ type: string
+ allowRenderingInFramesOnlyFrom:
 type: string
 attackSignaturesCheck:
 type: boolean
+ clickjackingProtection:
+ type: boolean
 description:
 type: string
 disallowFileUploadOfExecutables:
 type: boolean
+ html5CrossOriginRequestsEnforcement:
+ properties:
+ allowOriginsEnforcementMode:
+ enum:
+ - replace-with
+ - unmodified
+ type: string
+ checkAllowedMethods:
+ type: boolean
+ crossDomainAllowedOrigin:
+ items:
+ properties:
+ includeSubDomains:
+ type: boolean
+ originName:
+ type: string
+ originPort:
+ pattern: any|\d+
+ type: string
+ originProtocol:
+ enum:
+ - http
+ - http/https
+ - https
+ type: string
+ type: object
+ type: array
+ enforcementMode:
+ enum:
+ - disabled
+ - enforce
+ type: string
+ type: object
 isAllowed:
 type: boolean
 mandatoryBody:
@@ -1298,6 +1390,8 @@ spec:
 type: boolean
 name:
 type: string
+ operationId:
+ type: string
 positionalParameters:
 items:
 properties: