tzssangglass commented on code in PR #8487:
URL: https://github.com/apache/apisix/pull/8487#discussion_r1046874823
##########
docs/en/latest/plugins/csrf.md:
##########
@@ -41,6 +41,8 @@ This Plugin considers the `GET`, `HEAD` and `OPTIONS` methods
to be safe operati
| expires | number | False | `7200` | Expiration time in
seconds of the CSRF cookie. Set to `0` to skip checking expiration time. |
| key | string | True | | Secret key used to
encrypt the cookie. |
+NOTE: `encrypt_fields = {"key"}` is also defined in the schema, which means
that the field will be stored encrypted in etcd. See [encrypted storage
fields](../plugin-develop.md#encrypted-storage-fields).
Review Comment:
I guess there is no difference? For this field, the only encrypted state is
in etcd. They are decrypted when APISIX is running and when fetched via the
admin API.
I think the way I wrote it better conveys the idea that it is only encrypted
in etcd.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
