http: processing of headers with underscores in names#10611
http: processing of headers with underscores in names#10611mattklein123 merged 6 commits intoenvoyproxy:masterfrom
Conversation
* add config option to either allow, drop header or reject request * applies to client request headers only Signed-off-by: Yan Avlasov <yavlasov@google.com>
yanavlasov
requested review from
alyssawilk,
lizan and
mattklein123
as code owners
yanavlasov
changed the title
Signed-off-by: Yan Avlasov <yavlasov@google.com>
mattklein123
left a comment
mattklein123
left a comment
There was a problem hiding this comment.
Awesome work, thanks. Just a few small comments.
/wait
| return [](Http::FilterChainFactoryCallbacks& callbacks) -> void { | ||
| callbacks.addStreamDecoderFilter( | ||
| std::make_shared<HeaderToFilterStateFilter>("jwt_selector", "jwt_selector")); | ||
| std::make_shared<HeaderToFilterStateFilter>("jwt-selector", "jwt-selector")); |
There was a problem hiding this comment.
Given that we decided to keep the default as allow, maybe revert all of these test changes that we don't need?
Signed-off-by: Yan Avlasov <yavlasov@google.com>
Signed-off-by: Yan Avlasov <yavlasov@google.com>
Signed-off-by: Yan Avlasov <yavlasov@google.com>
mattklein123
left a comment
mattklein123
left a comment
There was a problem hiding this comment.
Awesome, thank you. Can you do me a favor and open a tech debt issue to follow up on unifying all of the checks between the codecs into a single piece of code somehow? We need to also get this implemented for HTTP/3 before we call that finished so that would be a good opportunity to do that unification. cc @danzh2010
|
Oops compile error looks legit. /wait |
|
/azp run envoy-presubmit |
|
Azure Pipelines successfully started running 1 pipeline(s). |
|
clang-tidy error seems to be bogus. It looks like include search directories may be not set correctly. |
|
@yanavlasov can you make sure that the bazel deps are correct for that target? Sometimes there are issues with that. Also can you merge master and open the follow up issue re: unification and QUIC? Thank you! /wait |
|
Will do. Header validation issue: #10646 |
Signed-off-by: Yan Avlasov <yavlasov@google.com>
|
I will go ahead and merge this as we need to do a full master pass over clang-tidy anyway. Thank you! |
|
/backport |
repokitteh-read-only
bot
added
the
backport/review
|
@mattklein123 @yanavlasov @lizan any thoughts on whether we should backport this to stable branches or not? |
|
@PiotrSikora I would defer to you. Given that we ultimately agreed with your original assessment that it is a feature request, I think it makes sense either way. |
Signed-off-by: Yan Avlasov <yavlasov@google.com> Signed-off-by: Piotr Sikora <piotrsikora@google.com>
Signed-off-by: Yan Avlasov <yavlasov@google.com> Signed-off-by: Piotr Sikora <piotrsikora@google.com>
PiotrSikora
added
backport/approved
3 participants
Risk Level: Low (default behavior unchanged)
Testing: Unit+Integration Tests
Docs Changes: Yes
Release Notes: Yes
Signed-off-by: Yan Avlasov yavlasov@google.com