Review feedback

nginxinc · Aug 15, 2023 · f5b988f · f5b988f
1 parent a7fc0fc
commit f5b988f
Show file tree

Hide file tree

Showing 4 changed files with 48 additions and 3 deletions.
diff --git a/internal/mode/static/nginx/config/servers_template.go b/internal/mode/static/nginx/config/servers_template.go
@@ -51,6 +51,7 @@ server {
         proxy_set_header {{ $h.Name }} "{{ $h.Value }}";
             {{- end }}
         proxy_set_header Host $gw_api_compliant_host;
+        proxy_http_version 1.1;
         proxy_set_header Upgrade $http_upgrade;
         proxy_set_header Connection $connection_upgrade;
         proxy_pass {{ $l.ProxyPass }}$request_uri;

diff --git a/internal/mode/static/nginx/config/validation/common.go b/internal/mode/static/nginx/config/validation/common.go
@@ -52,19 +52,25 @@ func validateEscapedStringNoVarExpansion(value string, examples []string) error
 }
 
 const (
-	invalidHeadersErrMsg string = "redefining the Host, Connection, or Upgrade request headers is not supported"
+	invalidHeadersErrMsg string = "unsupported header name configured, unsupported names are: "
 	maxHeaderLength      int    = 256
 )
 
+var invalidHeaders = map[string]struct{}{
+	"host":       {},
+	"connection": {},
+	"upgrade":    {},
+}
+
 func validateHeaderName(name string) error {
 	if len(name) > maxHeaderLength {
 		return errors.New(k8svalidation.MaxLenError(maxHeaderLength))
 	}
 	if msg := k8svalidation.IsHTTPHeaderName(name); msg != nil {
 		return errors.New(msg[0])
 	}
-	if strings.ToLower(name) == "host" || strings.ToLower(name) == "connection" || strings.ToLower(name) == "upgrade" {
-		return errors.New(invalidHeadersErrMsg)
+	if valid, invalidHeadersAsStrings := validateNoUnsupportedValues(strings.ToLower(name), invalidHeaders); !valid {
+		return errors.New(invalidHeadersErrMsg + strings.Join(invalidHeadersAsStrings, ", "))
 	}
 	return nil
 }
diff --git a/internal/mode/static/nginx/config/validation/framework.go b/internal/mode/static/nginx/config/validation/framework.go
@@ -20,6 +20,16 @@ func validateInSupportedValues[T configValue](
 	return false, getSortedKeysAsString(supportedValues)
 }
 
+func validateNoUnsupportedValues[T configValue](
+	value T,
+	unsupportedValues map[T]struct{},
+) (valid bool, unsupportedValuesAsStrings []string) {
+	if _, exist := unsupportedValues[value]; exist {
+		return false, getSortedKeysAsString(unsupportedValues)
+	}
+	return true, nil
+}
+
 func getSortedKeysAsString[T configValue](m map[T]struct{}) []string {
 	keysAsString := make([]string, 0, len(m))
 

diff --git a/internal/mode/static/nginx/config/validation/framework_test.go b/internal/mode/static/nginx/config/validation/framework_test.go
@@ -99,6 +99,34 @@ func TestValidateInSupportedValues(t *testing.T) {
 	)
 }
 
+func TestValidateNoUnsupportedValues(t *testing.T) {
+	unsupportedValues := map[string]struct{}{
+		"badvalue1": {},
+		"badvalue2": {},
+		"badvalue3": {},
+	}
+
+	validator := func(value string) (bool, []string) {
+		return validateNoUnsupportedValues(value, unsupportedValues)
+	}
+
+	testValidValuesForSupportedValuesValidator(
+		t,
+		validator,
+		"value1",
+		"value2",
+		"value3",
+	)
+	testInvalidValuesForSupportedValuesValidator(
+		t,
+		validator,
+		unsupportedValues,
+		"badvalue1",
+		"badvalue2",
+		"badvalue3",
+	)
+}
+
 func TestGetSortedKeysAsString(t *testing.T) {
 	values := map[string]struct{}{
 		"value3": {},