envoy
envoy copied to clipboard
envoyproxy
uhv: header validators for H1 and H2 codecs
Commit Message: uhv: header validators for H1 and H2 codecs
Additional Description: This PR builds off the foundation laid in #21974 to add validators for H1 and H2. H3 and path normalization are intentionally out of scope for this PR and will be completed later.
Risk Level: Low
Testing: Build Envoy with --define uhv=enabled, configure a service with UHV enabled, and then test a valid and invalid request.
# config.yml, in the HCM section
typed_header_validation_config:
name: envoy.http.header_validators.envoy_default
typed_config:
"@type": type.googleapis.com/envoy.extensions.http.header_validators.envoy_default.v3.HeaderValidatorConfig
#
# UHV configuration
# uncomment any of the following:
#
# restrict_http_methods: true
# reject_headers_with_underscores: true
# http1_protocol_options: {allow_chunked_length: true}
#
# run tests
# valid request
http GET http://localhost:10000 X-Valid:ok
# invalid request
http GET http://localhost:10000 "X Invalid":bad
Fixes #19753 Docs Changes: Release Notes: Platform Specific Features:
CC @envoyproxy/api-shepherds: Your approval is needed for changes made to (api/envoy/|docs/root/api-docs/).
envoyproxy/api-shepherds assignee is @markdroth
CC @envoyproxy/api-watchers: FYI only for changes made to (api/envoy/|docs/root/api-docs/).
:cat:
Caused by: https://github.com/envoyproxy/envoy/pull/22537 was opened by ameily.
![repokitteh-read-only[bot] avatar](https://avatars.githubusercontent.com/in/16729?v=4 "Published by a pub.dev verified publisher"){kind=small}
@alyssawilk Can you rerun the failed CI job? CI is passing for me locally and I think the current failure is because a package couldn't be downloaded.
Retrying Azure Pipelines: Retried failed jobs in: envoy-presubmit
:cat:
Caused by: a https://github.com/envoyproxy/envoy/pull/22537#issuecomment-1208165595 was created by @alyssawilk.
@envoyproxy/api-shepherds assignee is @markdroth
:cat:
Caused by: a https://github.com/envoyproxy/envoy/pull/22537#issuecomment-1208492167 was created by @kyessenov.
Amazing work here!
high level question: are we hooking these up to see where there are going to be behavioral differences? I feel like if we had this turned on for e2e a bunch of Yan and my comments would be obsoleted by test failures :-)
Yes, I think I can do PR that enables the default UHV based on the build flag. We can then merge that PR here and see the results.
Retrying Azure Pipelines: Retried failed jobs in: envoy-presubmit
:cat:
Caused by: a https://github.com/envoyproxy/envoy/pull/22537#issuecomment-1242239706 was created by @yanavlasov.
Retrying Azure Pipelines: Retried failed jobs in: envoy-presubmit
:cat:
Caused by: a https://github.com/envoyproxy/envoy/pull/22537#issuecomment-1243688529 was created by @alyssawilk.
Retrying Azure Pipelines: Retried failed jobs in: envoy-presubmit
:cat:
Caused by: a https://github.com/envoyproxy/envoy/pull/22537#issuecomment-1245354496 was created by @ameily.
Retrying Azure Pipelines: Retried failed jobs in: envoy-presubmit
:cat:
Caused by: a https://github.com/envoyproxy/envoy/pull/22537#issuecomment-1245572951 was created by @yanavlasov.
Retrying Azure Pipelines: Retried failed jobs in: envoy-presubmit
:cat:
Caused by: a https://github.com/envoyproxy/envoy/pull/22537#issuecomment-1245623670 was created by @yanavlasov.
Retrying Azure Pipelines: Retried failed jobs in: envoy-presubmit
:cat:
Caused by: a https://github.com/envoyproxy/envoy/pull/22537#issuecomment-1249479073 was created by @ameily.
@envoyproxy/api-shepherds - This optional validator (default, not enabled) has been approved by Yan, but who is willing to review this for an api stamp of approval?
I'm submitting this PR so we can proceed with follow-up work. If you have any more comments, please open Issues.
Looks like all comments were addressed. If we missed anything, please file an Issue and we will address in a followup PR.