Common application properties

Appendix A: Common application properties

Various properties can be specified inside your application.properties file, inside your application.yml file, or as command line switches. This appendix provides a list of common Spring Cloud Gateway properties and references to the underlying classes that consume them.

Property contributions can come from additional jar files on your classpath, so you should not consider this an exhaustive list. Also, you can define your own properties.

Name	Default	Description
spring.cloud.gateway.default-filters		List of filter definitions that are applied to every route.
spring.cloud.gateway.discovery.locator.enabled	false	Flag that enables DiscoveryClient gateway integration.
spring.cloud.gateway.discovery.locator.filters
spring.cloud.gateway.discovery.locator.include-expression	true	SpEL expression that will evaluate whether to include a service in gateway integration or not, defaults to: true.
spring.cloud.gateway.discovery.locator.lower-case-service-id	false	Option to lower case serviceId in predicates and filters, defaults to false. Useful with eureka when it automatically uppercases serviceId. so MYSERIVCE, would match /myservice/**
spring.cloud.gateway.discovery.locator.predicates
spring.cloud.gateway.discovery.locator.route-id-prefix		The prefix for the routeId, defaults to discoveryClient.getClass().getSimpleName() + "_". Service Id will be appended to create the routeId.
spring.cloud.gateway.discovery.locator.url-expression	'lb://'+serviceId	SpEL expression that create the uri for each route, defaults to: 'lb://'+serviceId.
spring.cloud.gateway.enabled	true	Enables gateway functionality.
spring.cloud.gateway.fail-on-route-definition-error	true	Option to fail on route definition errors, defaults to true. Otherwise, a warning is logged.
spring.cloud.gateway.filter.remove-hop-by-hop.headers
spring.cloud.gateway.filter.remove-hop-by-hop.order
spring.cloud.gateway.filter.request-rate-limiter.deny-empty-key	true	Switch to deny requests if the Key Resolver returns an empty key, defaults to true.
spring.cloud.gateway.filter.request-rate-limiter.empty-key-status-code		HttpStatus to return when denyEmptyKey is true, defaults to FORBIDDEN.
spring.cloud.gateway.filter.secure-headers.content-security-policy	default-src 'self' https:; font-src 'self' https: data:; img-src 'self' https: data:; object-src 'none'; script-src https:; style-src 'self' https: 'unsafe-inline'
spring.cloud.gateway.filter.secure-headers.content-type-options	nosniff
spring.cloud.gateway.filter.secure-headers.disable
spring.cloud.gateway.filter.secure-headers.download-options	noopen
spring.cloud.gateway.filter.secure-headers.frame-options	DENY
spring.cloud.gateway.filter.secure-headers.permitted-cross-domain-policies	none
spring.cloud.gateway.filter.secure-headers.referrer-policy	no-referrer
spring.cloud.gateway.filter.secure-headers.strict-transport-security	max-age=631138519
spring.cloud.gateway.filter.secure-headers.xss-protection-header	1 ; mode=block
spring.cloud.gateway.forwarded.enabled	true	Enables the ForwardedHeadersFilter.
spring.cloud.gateway.globalcors.add-to-simple-url-handler-mapping	false	If global CORS config should be added to the URL handler.
spring.cloud.gateway.globalcors.cors-configurations
spring.cloud.gateway.httpclient.connect-timeout		The connect timeout in millis, the default is 45s.
spring.cloud.gateway.httpclient.max-header-size		The max response header size.
spring.cloud.gateway.httpclient.max-initial-line-length		The max initial line length.
spring.cloud.gateway.httpclient.pool.acquire-timeout		Only for type FIXED, the maximum time in millis to wait for aquiring.
spring.cloud.gateway.httpclient.pool.max-connections		Only for type FIXED, the maximum number of connections before starting pending acquisition on existing ones.
spring.cloud.gateway.httpclient.pool.max-idle-time		Time in millis after which the channel will be closed. If NULL, there is no max idle time.
spring.cloud.gateway.httpclient.pool.max-life-time		Duration after which the channel will be closed. If NULL, there is no max life time.
spring.cloud.gateway.httpclient.pool.name	proxy	The channel pool map name, defaults to proxy.
spring.cloud.gateway.httpclient.pool.type		Type of pool for HttpClient to use, defaults to ELASTIC.
spring.cloud.gateway.httpclient.proxy.host		Hostname for proxy configuration of Netty HttpClient.
spring.cloud.gateway.httpclient.proxy.non-proxy-hosts-pattern		Regular expression (Java) for a configured list of hosts. that should be reached directly, bypassing the proxy
spring.cloud.gateway.httpclient.proxy.password		Password for proxy configuration of Netty HttpClient.
spring.cloud.gateway.httpclient.proxy.port		Port for proxy configuration of Netty HttpClient.
spring.cloud.gateway.httpclient.proxy.username		Username for proxy configuration of Netty HttpClient.
spring.cloud.gateway.httpclient.response-timeout		The response timeout.
spring.cloud.gateway.httpclient.ssl.close-notify-flush-timeout	3000ms	SSL close_notify flush timeout. Default to 3000 ms.
spring.cloud.gateway.httpclient.ssl.close-notify-flush-timeout-millis
spring.cloud.gateway.httpclient.ssl.close-notify-read-timeout		SSL close_notify read timeout. Default to 0 ms.
spring.cloud.gateway.httpclient.ssl.close-notify-read-timeout-millis
spring.cloud.gateway.httpclient.ssl.default-configuration-type		The default ssl configuration type. Defaults to TCP.
spring.cloud.gateway.httpclient.ssl.handshake-timeout	10000ms	SSL handshake timeout. Default to 10000 ms
spring.cloud.gateway.httpclient.ssl.handshake-timeout-millis
spring.cloud.gateway.httpclient.ssl.key-password		Key password, default is same as keyStorePassword.
spring.cloud.gateway.httpclient.ssl.key-store		Keystore path for Netty HttpClient.
spring.cloud.gateway.httpclient.ssl.key-store-password		Keystore password.
spring.cloud.gateway.httpclient.ssl.key-store-provider		Keystore provider for Netty HttpClient, optional field.
spring.cloud.gateway.httpclient.ssl.key-store-type	JKS	Keystore type for Netty HttpClient, default is JKS.
spring.cloud.gateway.httpclient.ssl.trusted-x509-certificates		Trusted certificates for verifying the remote endpoint’s certificate.
spring.cloud.gateway.httpclient.ssl.use-insecure-trust-manager	false	Installs the netty InsecureTrustManagerFactory. This is insecure and not suitable for production.
spring.cloud.gateway.httpclient.websocket.max-frame-payload-length		Max frame payload length.
spring.cloud.gateway.httpclient.websocket.proxy-ping	true	Proxy ping frames to downstream services, defaults to true.
spring.cloud.gateway.httpclient.wiretap	false	Enables wiretap debugging for Netty HttpClient.
spring.cloud.gateway.httpserver.wiretap	false	Enables wiretap debugging for Netty HttpServer.
spring.cloud.gateway.loadbalancer.use404	false
spring.cloud.gateway.metrics.enabled	true	Enables the collection of metrics data.
spring.cloud.gateway.metrics.tags		Tags map that added to metrics.
spring.cloud.gateway.redis-rate-limiter.burst-capacity-header	X-RateLimit-Burst-Capacity	The name of the header that returns the burst capacity configuration.
spring.cloud.gateway.redis-rate-limiter.config
spring.cloud.gateway.redis-rate-limiter.include-headers	true	Whether or not to include headers containing rate limiter information, defaults to true.
spring.cloud.gateway.redis-rate-limiter.remaining-header	X-RateLimit-Remaining	The name of the header that returns number of remaining requests during the current second.
spring.cloud.gateway.redis-rate-limiter.replenish-rate-header	X-RateLimit-Replenish-Rate	The name of the header that returns the replenish rate configuration.
spring.cloud.gateway.redis-rate-limiter.requested-tokens-header	X-RateLimit-Requested-Tokens	The name of the header that returns the requested tokens configuration.
spring.cloud.gateway.routes		List of Routes.
spring.cloud.gateway.set-status.original-status-header-name		The name of the header which contains http code of the proxied request.
spring.cloud.gateway.streaming-media-types
spring.cloud.gateway.x-forwarded.enabled	true	If the XForwardedHeadersFilter is enabled.
spring.cloud.gateway.x-forwarded.for-append	true	If appending X-Forwarded-For as a list is enabled.
spring.cloud.gateway.x-forwarded.for-enabled	true	If X-Forwarded-For is enabled.
spring.cloud.gateway.x-forwarded.host-append	true	If appending X-Forwarded-Host as a list is enabled.
spring.cloud.gateway.x-forwarded.host-enabled	true	If X-Forwarded-Host is enabled.
spring.cloud.gateway.x-forwarded.order	0	The order of the XForwardedHeadersFilter.
spring.cloud.gateway.x-forwarded.port-append	true	If appending X-Forwarded-Port as a list is enabled.
spring.cloud.gateway.x-forwarded.port-enabled	true	If X-Forwarded-Port is enabled.
spring.cloud.gateway.x-forwarded.prefix-append	true	If appending X-Forwarded-Prefix as a list is enabled.
spring.cloud.gateway.x-forwarded.prefix-enabled	true	If X-Forwarded-Prefix is enabled.
spring.cloud.gateway.x-forwarded.proto-append	true	If appending X-Forwarded-Proto as a list is enabled.
spring.cloud.gateway.x-forwarded.proto-enabled	true	If X-Forwarded-Proto is enabled.

Name

Default

Description

spring.cloud.gateway.default-filters

List of filter definitions that are applied to every route.

spring.cloud.gateway.discovery.locator.enabled

false

Flag that enables DiscoveryClient gateway integration.

spring.cloud.gateway.discovery.locator.filters

spring.cloud.gateway.discovery.locator.include-expression

true

SpEL expression that will evaluate whether to include a service in gateway integration or not, defaults to: true.

spring.cloud.gateway.discovery.locator.lower-case-service-id

false

Option to lower case serviceId in predicates and filters, defaults to false. Useful with eureka when it automatically uppercases serviceId. so MYSERIVCE, would match /myservice/**

spring.cloud.gateway.discovery.locator.predicates

spring.cloud.gateway.discovery.locator.route-id-prefix

The prefix for the routeId, defaults to discoveryClient.getClass().getSimpleName() + "_". Service Id will be appended to create the routeId.

spring.cloud.gateway.discovery.locator.url-expression

'lb://'+serviceId

SpEL expression that create the uri for each route, defaults to: 'lb://'+serviceId.

spring.cloud.gateway.enabled

true

Enables gateway functionality.

spring.cloud.gateway.fail-on-route-definition-error

true

Option to fail on route definition errors, defaults to true. Otherwise, a warning is logged.

spring.cloud.gateway.filter.remove-hop-by-hop.headers

spring.cloud.gateway.filter.remove-hop-by-hop.order

spring.cloud.gateway.filter.request-rate-limiter.deny-empty-key

true

Switch to deny requests if the Key Resolver returns an empty key, defaults to true.

spring.cloud.gateway.filter.request-rate-limiter.empty-key-status-code

HttpStatus to return when denyEmptyKey is true, defaults to FORBIDDEN.

spring.cloud.gateway.filter.secure-headers.content-security-policy

default-src 'self' https:; font-src 'self' https: data:; img-src 'self' https: data:; object-src 'none'; script-src https:; style-src 'self' https: 'unsafe-inline'

spring.cloud.gateway.filter.secure-headers.content-type-options

nosniff

spring.cloud.gateway.filter.secure-headers.disable

spring.cloud.gateway.filter.secure-headers.download-options

noopen

spring.cloud.gateway.filter.secure-headers.frame-options

DENY

spring.cloud.gateway.filter.secure-headers.permitted-cross-domain-policies

none

spring.cloud.gateway.filter.secure-headers.referrer-policy

no-referrer

spring.cloud.gateway.filter.secure-headers.strict-transport-security

max-age=631138519

spring.cloud.gateway.filter.secure-headers.xss-protection-header

1 ; mode=block

spring.cloud.gateway.forwarded.enabled

true

Enables the ForwardedHeadersFilter.

spring.cloud.gateway.globalcors.add-to-simple-url-handler-mapping

false

If global CORS config should be added to the URL handler.

spring.cloud.gateway.globalcors.cors-configurations

spring.cloud.gateway.httpclient.connect-timeout

The connect timeout in millis, the default is 45s.

spring.cloud.gateway.httpclient.max-header-size

The max response header size.

spring.cloud.gateway.httpclient.max-initial-line-length

The max initial line length.

spring.cloud.gateway.httpclient.pool.acquire-timeout

Only for type FIXED, the maximum time in millis to wait for aquiring.

spring.cloud.gateway.httpclient.pool.max-connections

Only for type FIXED, the maximum number of connections before starting pending acquisition on existing ones.

spring.cloud.gateway.httpclient.pool.max-idle-time

Time in millis after which the channel will be closed. If NULL, there is no max idle time.

spring.cloud.gateway.httpclient.pool.max-life-time

Duration after which the channel will be closed. If NULL, there is no max life time.

spring.cloud.gateway.httpclient.pool.name

proxy

The channel pool map name, defaults to proxy.

spring.cloud.gateway.httpclient.pool.type

Type of pool for HttpClient to use, defaults to ELASTIC.

spring.cloud.gateway.httpclient.proxy.host

Hostname for proxy configuration of Netty HttpClient.

spring.cloud.gateway.httpclient.proxy.non-proxy-hosts-pattern

Regular expression (Java) for a configured list of hosts. that should be reached directly, bypassing the proxy

spring.cloud.gateway.httpclient.proxy.password

Password for proxy configuration of Netty HttpClient.

spring.cloud.gateway.httpclient.proxy.port

Port for proxy configuration of Netty HttpClient.

spring.cloud.gateway.httpclient.proxy.username

Username for proxy configuration of Netty HttpClient.

spring.cloud.gateway.httpclient.response-timeout

The response timeout.

spring.cloud.gateway.httpclient.ssl.close-notify-flush-timeout

3000ms

SSL close_notify flush timeout. Default to 3000 ms.

spring.cloud.gateway.httpclient.ssl.close-notify-flush-timeout-millis

spring.cloud.gateway.httpclient.ssl.close-notify-read-timeout

SSL close_notify read timeout. Default to 0 ms.

spring.cloud.gateway.httpclient.ssl.close-notify-read-timeout-millis

spring.cloud.gateway.httpclient.ssl.default-configuration-type

The default ssl configuration type. Defaults to TCP.

spring.cloud.gateway.httpclient.ssl.handshake-timeout

10000ms

SSL handshake timeout. Default to 10000 ms

spring.cloud.gateway.httpclient.ssl.handshake-timeout-millis

spring.cloud.gateway.httpclient.ssl.key-password

Key password, default is same as keyStorePassword.

spring.cloud.gateway.httpclient.ssl.key-store

Keystore path for Netty HttpClient.

spring.cloud.gateway.httpclient.ssl.key-store-password

Keystore password.

spring.cloud.gateway.httpclient.ssl.key-store-provider

Keystore provider for Netty HttpClient, optional field.

spring.cloud.gateway.httpclient.ssl.key-store-type

JKS

Keystore type for Netty HttpClient, default is JKS.

spring.cloud.gateway.httpclient.ssl.trusted-x509-certificates

Trusted certificates for verifying the remote endpoint’s certificate.

spring.cloud.gateway.httpclient.ssl.use-insecure-trust-manager

false

Installs the netty InsecureTrustManagerFactory. This is insecure and not suitable for production.

spring.cloud.gateway.httpclient.websocket.max-frame-payload-length

Max frame payload length.

spring.cloud.gateway.httpclient.websocket.proxy-ping

true

Proxy ping frames to downstream services, defaults to true.

spring.cloud.gateway.httpclient.wiretap

false

Enables wiretap debugging for Netty HttpClient.

spring.cloud.gateway.httpserver.wiretap

false

Enables wiretap debugging for Netty HttpServer.

spring.cloud.gateway.loadbalancer.use404

false

spring.cloud.gateway.metrics.enabled

true

Enables the collection of metrics data.

spring.cloud.gateway.metrics.tags

Tags map that added to metrics.

spring.cloud.gateway.redis-rate-limiter.burst-capacity-header

X-RateLimit-Burst-Capacity

The name of the header that returns the burst capacity configuration.

spring.cloud.gateway.redis-rate-limiter.config

spring.cloud.gateway.redis-rate-limiter.include-headers

true

Whether or not to include headers containing rate limiter information, defaults to true.

spring.cloud.gateway.redis-rate-limiter.remaining-header

X-RateLimit-Remaining

The name of the header that returns number of remaining requests during the current second.

spring.cloud.gateway.redis-rate-limiter.replenish-rate-header

X-RateLimit-Replenish-Rate

The name of the header that returns the replenish rate configuration.

spring.cloud.gateway.redis-rate-limiter.requested-tokens-header

X-RateLimit-Requested-Tokens

The name of the header that returns the requested tokens configuration.

spring.cloud.gateway.routes

List of Routes.

spring.cloud.gateway.set-status.original-status-header-name

The name of the header which contains http code of the proxied request.

spring.cloud.gateway.streaming-media-types

spring.cloud.gateway.x-forwarded.enabled

true

If the XForwardedHeadersFilter is enabled.

spring.cloud.gateway.x-forwarded.for-append

true

If appending X-Forwarded-For as a list is enabled.

spring.cloud.gateway.x-forwarded.for-enabled

true

If X-Forwarded-For is enabled.

spring.cloud.gateway.x-forwarded.host-append

true

If appending X-Forwarded-Host as a list is enabled.

spring.cloud.gateway.x-forwarded.host-enabled

true

If X-Forwarded-Host is enabled.

spring.cloud.gateway.x-forwarded.order

The order of the XForwardedHeadersFilter.

spring.cloud.gateway.x-forwarded.port-append

true

If appending X-Forwarded-Port as a list is enabled.

spring.cloud.gateway.x-forwarded.port-enabled

true

If X-Forwarded-Port is enabled.

spring.cloud.gateway.x-forwarded.prefix-append

true

If appending X-Forwarded-Prefix as a list is enabled.

spring.cloud.gateway.x-forwarded.prefix-enabled

true

If X-Forwarded-Prefix is enabled.

spring.cloud.gateway.x-forwarded.proto-append

true

If appending X-Forwarded-Proto as a list is enabled.

spring.cloud.gateway.x-forwarded.proto-enabled

true

If X-Forwarded-Proto is enabled.