Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[config] Add basic config validators for path rewrite, host rewrite and redirect actions #10367

Merged
merged 2 commits into from
Mar 15, 2020
Merged

[config] Add basic config validators for path rewrite, host rewrite and redirect actions #10367

merged 2 commits into from
Mar 15, 2020

Conversation

antoniovicente
Copy link
Contributor

Description: Reject path rewrite, host rewrite and redirect config fields that contain \0, \r or \n characters. This provides some basic protection against config errors that could result in problems due to the proxy, upstream and downstream disagreeing about the contents of headers.
Risk Level: medium
Testing: Added config tests that trigger on the new validations
Docs Changes: n/a
Release Notes: TBD
Fixes #10332

@antoniovicente
Add basic config validators for path rewrite, host rewrite and redire…
a022be7 
…ct actions that reject \0, \r and \n characters.

Signed-off-by: Antonio Vicente <avd@google.com>
@repokitteh-read-only
Copy link

CC @envoyproxy/api-shepherds: Your approval is needed for changes made to api/.

🐱

Caused by: #10367 was opened by antoniovicente.

see: more, trace.

@lizan
Copy link
Member

lizan commented Mar 12, 2020

/azp run envoy-windows

@azure-pipelines
Copy link

Azure Pipelines could not run because the pipeline triggers exclude this branch/path.

@alyssawilk
Copy link
Contributor

cc @htuch @lizan for API policy review.

@antoniovicente
Kick CI
b81443c 
Signed-off-by: Antonio Vicente <avd@google.com>
@antoniovicente
Copy link
Contributor Author

First CI attempt failed due to gitdb package being too old. Now the mac CI failed while installing dependencies.

I'll kick it again sometime later.

@htuch htuch self-assigned this Mar 13, 2020
htuch
htuch approved these changes Mar 13, 2020
View reviewed changes
Copy link
Member

@htuch htuch left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@mattklein123 mattklein123 merged commit 1d751a5 into envoyproxy:master Mar 15, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@htuch htuch htuch approved these changes

Assignees

@yanavlasov yanavlasov

@htuch htuch

Labels
None yet
Projects
None yet
Milestone
No milestone
6 participants
@antoniovicente @lizan @alyssawilk @htuch @mattklein123 @yanavlasov