L7 protection (XSS, SQL injection) policies

So this XSS/SQLinjection protection is not enabled right now in istio?