router: add config to send date header with requests
#11915
Conversation
Signed-off-by: Michael Rebello <me@michaelrebello.com>
Signed-off-by: Michael Rebello <me@michaelrebello.com>
As per the RFC "HTTP/1.1 clients and servers [...] MUST only generate the RFC 1123 format for representing HTTP-date values in header fields." So I don't know how much sense it would make to support generating the date other formats that deviate from the RFC. Example of the RFC 1123 format: |
|
@murki great call out. +1 to that comment; I updated the PR description. |
Signed-off-by: Michael Rebello <me@michaelrebello.com>
Signed-off-by: Michael Rebello <me@michaelrebello.com>
Signed-off-by: Michael Rebello <me@michaelrebello.com>
|
Thanks for the review @asraa - I updated per your comments. Also pushed some changes to ensure that the header gets updated on each retry (as was my original intent). |
There was a problem hiding this comment.
Thanks for the code changes. I think the config knob makes sense. About the retry behavior, I'd like a closer look at. RFC 2616 says
The HTTP-date sent in a Date header SHOULD NOT represent a date and time subsequent to the generation of the message. It SHOULD represent the best available approximation of the date and time of message generation, unless the implementation has no means of generating a reasonably accurate date and time. In theory, the date ought to represent the moment just before the entity is generated. In practice, the date can be generated at any time during the message origination without affecting its semantic value.
which I interpret to mean that on retries the original date is used. I think if the behavior deviates slightly from core it should live in a filter, but I don't think there is retry behavior in filters yet. @PiotrSikora do you have any context about this?
|
Regarding retries, I think it depends on whether we consider a "request" to be As you mentioned, the RFC does say:
If we consider each retry as its own request, I think updating the For context, the use case we have for this change is ensuring the
#10455 is tracking some of this behavior (adding the ability to insert filters ahead of retries). Completely agree with you that this logic could (should?) be moved there once functionality becomes available. |
Signed-off-by: Michael Rebello <me@michaelrebello.com>
Signed-off-by: Michael Rebello <me@michaelrebello.com>
Proxy is an intermediate that forwards the request between the client and (one of) the backend server(s). Since this is happening hop-by-hop, it ends up being a chain of request/response pairs, but ultimately, the request that's being forwarded to the backend server is effectively the original request from the client, not a new or independent request, and the response to it will be forwarded back to the client, not consumed by the proxy... If the client disconnects in the middle of sending request, then the request to the backend server will be either terminated or cancelled (when possible). The retries are simply reattempts to deliver the same original request that was generated by the client, and not by the proxy, so I don't see how they could be perceived as something unrelated to it. Does this answer your question? |
Signed-off-by: Michael Rebello <me@michaelrebello.com>
But the Date response has nothing to do with the request, it is the response content handling or generation metadata. Please review rfc7231 section 7.1.1.2 |
Thanks, I'm familiar with that RFC... but this PR is about adding |
I do see your point, but to clarify: The use case for this particular change is for usage within Envoy Mobile, in which case Envoy is the client, rather than acting as a proxy. I.e., it's the origin (client) hop setting this header, rather than an upstream proxy. |
OK, if Envoy Mobile is originating the request, then I guess that's fine (though, since it's a retry and not a new request, I'd personally still retain the original The one remaining issue is that this is being added to Envoy Proxy APIs and exposed to it's users, introducing (IMHO) the incorrect behavior to intermediates. Is there a way to gate this feature to be available only in Envoy Mobile? |
|
@rebello95 stats_integration_test on release seems like a real failure. LGTM once that is resolved. |
Signed-off-by: Michael Rebello <me@michaelrebello.com>
@htuch Thanks for checking. I ran the integration test locally and it passed, but I do see a note mentioning that this validation is only done on release builds and requires a CI failure to know how to update it. However, I am not familiar with what part of this PR would cause that number to increase - am I missing something?
@PiotrSikora Unfortunately not that I'm aware of since retries live in the router filter. As I mentioned above, #10455 is tracking the ability to add additional filter functionality ahead of where retries are done, at which point we could probably move this into Envoy Mobile itself. Does that make sense? |
Gotcha, sorry for my confusion. Then the date the user agent presents to envoy, or the initial date when envoy first composed the proxy request should be preserved throughout any retries. |
|
@rebello95 Not sure either; maybe the change to the O(1) headers that included If you want to run release locally under Docker, you can do |
Hm yea I'm not super familiar with this area. I assume these changes would be a no-op since the new option to add the date header defaults to false, but I could be mistaken. Any insights you can provide @jmarantz would be much appreciated 😃 |
| // Enable the addition of the `date` header to outbound requests. | ||
| // If `true`, the header will be assigned on each request (and retry). |
There was a problem hiding this comment.
I think it's fine to add this, but per @PiotrSikora can you maybe add some text here about the potential misuse?
Also, I wonder if we should make this an enum with the default being off, a value being all requests and retries, with the option to later add a third enum that would add it on the initial request but not retries? That might also future proof it better.
| // TODO: Move this to an extension once support for upstream router/retry filters exists. | ||
| // https://github.com/envoyproxy/envoy/issues/10455 |
There was a problem hiding this comment.
This config option is forever effectively. If we think this is not the right place for this ultimately, we shouldn't add this at all. Per @PiotrSikora I do wonder whether there is a way you could hack this somehow in envoy mobile if you think we want to move this. The hack would be to grab the created API listener and using dynamic_casts get at the underlying impl and toggle a bool?
There was a problem hiding this comment.
The fact that the config option will become a part of the public API forever is a fair call out. I'm pausing on this for now while I sync up with our team internally to see if there are other options aside from upstreaming this change (including if your workaround suggestion could solve the issue). Thanks.
There was a problem hiding this comment.
One option would be to keep the add_request_date_header option as part of the public API (since it's a valid behavior), which would only add the Date request header to the original request (if absent) and retain the same value across all retries in Envoy Proxy, but which would keep updating the Date request header in Envoy Mobile.
- ambiguous value-based std::chrono::{clock_type}::duration(value) constructors
result in stdlib implementation specific default time units which are
hard to read and potentially different on different platforms
- this change removes any instances of these ambiguous constructions and adds
a format check to prevent them; developers should specify an explicit unit of time
- we explicitly saw this issue in #11915 where
the assumed duration unit was different on Windows, causing test failures
Additional Description:
Risk Level: Low
Testing: Adds format check test and adjust existing unit tests
Docs Changes: N/A
Release Notes: N/A
Signed-off-by: Sunjay Bhatia <sunjayb@vmware.com>
Co-authored-by: William A Rowe Jr <wrowe@vmware.com>
- ambiguous value-based std::chrono::{clock_type}::duration(value) constructors
result in stdlib implementation specific default time units which are
hard to read and potentially different on different platforms
- this change removes any instances of these ambiguous constructions and adds
a format check to prevent them; developers should specify an explicit unit of time
- we explicitly saw this issue in envoyproxy#11915 where
the assumed duration unit was different on Windows, causing test failures
Additional Description:
Risk Level: Low
Testing: Adds format check test and adjust existing unit tests
Docs Changes: N/A
Release Notes: N/A
Signed-off-by: Sunjay Bhatia <sunjayb@vmware.com>
Co-authored-by: William A Rowe Jr <wrowe@vmware.com>
- ambiguous value-based std::chrono::{clock_type}::duration(value) constructors
result in stdlib implementation specific default time units which are
hard to read and potentially different on different platforms
- this change removes any instances of these ambiguous constructions and adds
a format check to prevent them; developers should specify an explicit unit of time
- we explicitly saw this issue in envoyproxy#11915 where
the assumed duration unit was different on Windows, causing test failures
Additional Description:
Risk Level: Low
Testing: Adds format check test and adjust existing unit tests
Docs Changes: N/A
Release Notes: N/A
Signed-off-by: Sunjay Bhatia <sunjayb@vmware.com>
Co-authored-by: William A Rowe Jr <wrowe@vmware.com>
Signed-off-by: chaoqinli <chaoqinli@google.com>
|
This pull request has been automatically marked as stale because it has not had activity in the last 7 days. It will be closed in 7 days if no further activity occurs. Please feel free to give a status update now, ping for review, or re-open when it's ready. Thank you for your contributions! |
stale
bot
added
the
stale
|
This pull request has been automatically closed because it has not had activity in the last 14 days. Please feel free to give a status update now, ping for review, or re-open when it's ready. Thank you for your contributions! |
Adds a config option to the router for adding a
dateheader to outbound requests, per the RFC.Consumers can enable this option to have Envoy send the
dateheader with outbound requests and retries (disabled by default).Note that this header is updated on each subsequent retry.
Risk Level: Low, behind config option defaulting to false
Testing: Unit tests.
Docs Changes: None
Signed-off-by: Michael Rebello me@michaelrebello.com