Skip to main content

5 docs tagged with "policy"

View all tags

Body Inspection & Limits

Enabling request/response body buffering, size and time limits, and the always-on structural protections — truncation guard, content decoding, and the process-wide body budget.

Built-in Checks & Pipeline Order

The built-in header and body checks, skip_checks exemptions, custom pipeline stage ordering, audit sampling, and per-policy log level.

Data Loss Prevention (DLP)

Block hard secrets and redact PII in request or response bodies — kinds, block vs redact precedence, and how in-place redaction works mechanically.

Modes & Fail Postures

What block, detect, shadow, and off actually do to a request; fail_open vs fail_close; and the recommended detect → shadow → block rollout.

The SecurityPolicy Model

The Elchi Shield policy file format — envelope, domains, routes, match predicates, inheritance, and multi-file merge semantics.