gateway icon indicating copy to clipboard operation
gateway copied to clipboard
verified publisher icon envoyproxy

fix: prevent configuring requestMirror filter and directResponse/RequestRedirect filter together

Open zhaohuabing opened this issue 2 months ago • 4 comments

Fixes #7473 Release Notes: Yes

zhaohuabing avatar Nov 10 '25 07:11 zhaohuabing

Codecov Report

:white_check_mark: All modified and coverable lines are covered by tests. :white_check_mark: Project coverage is 72.32%. Comparing base (343aeb3) to head (7abab91). :warning: Report is 1 commits behind head on main.

Additional details and impacted files 
@@            Coverage Diff             @@
##             main    #7474      +/-   ##
==========================================
- Coverage   72.42%   72.32%   -0.10%     
==========================================
  Files         234      234              
  Lines       34538    34550      +12     
==========================================
- Hits        25013    24988      -25     
- Misses       7737     7768      +31     
- Partials     1788     1794       +6

:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.

:rocket: New features to boost your workflow:
  • :snowflake: Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • :package: JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

codecov[bot] avatar Nov 10 '25 08:11 codecov[bot]

/retest

cnvergence avatar Nov 17 '25 16:11 cnvergence

worth adding a release note around breaking change, something like

  rules:
  - matches:
    - path:
        type: PathPrefix
        value: /foo
    filters:
    - type: RequestRedirect
      requestRedirect:
        scheme: https
        statusCode: 302
    - type: ResponseHeaderModifier
      responseHeaderModifier:
        add:
        - name: X-Bad
          value: "bad\nvalue"   # invalid per HeaderValueRegexp

will no longer work

arkodg avatar Dec 11 '25 08:12 arkodg

worth adding a release note around breaking change, something like

  rules:
  - matches:
    - path:
        type: PathPrefix
        value: /foo
    filters:
    - type: RequestRedirect
      requestRedirect:
        scheme: https
        statusCode: 302
    - type: ResponseHeaderModifier
      responseHeaderModifier:
        add:
        - name: X-Bad
          value: "bad\nvalue"   # invalid per HeaderValueRegexp

will no longer work

I might be missing somthing, but this PR doesn't touch the code for responseHeaderModifier validation logic.

There is already a release note for the breaking change introduced in this PR:

 Set HTTPRoute Accepted status to False when RequestMirror filter is used together with DirectResponse or RequestRedirect filters.

zhaohuabing avatar Dec 12 '25 09:12 zhaohuabing