Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

http: keep trailers TE header instead of removing it #32255

Merged
merged 23 commits into from
Feb 12, 2024
Merged
Show file tree
Hide file tree
Changes from 5 commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 4 additions & 0 deletions changelogs/current.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,10 @@ date: Pending

behavior_changes:
# *Changes that are expected to cause an incompatibility if applicable; deployment changes are likely required*
- area: http
change: |
Force the hop by hop TE header from downstream request headers to "trailers". This change can be temporarily reverted
by setting ``envoy.reloadable_features.sanitize_te`` to false.

minor_behavior_changes:
# *Changes that may cause incompatibilities for some users, but should not for most*
Expand Down
24 changes: 23 additions & 1 deletion source/common/http/conn_manager_utility.cc
Original file line number Diff line number Diff line change
Expand Up @@ -92,8 +92,30 @@ ConnectionManagerUtility::MutateRequestHeadersResult ConnectionManagerUtility::m
if (!Utility::isUpgrade(request_headers)) {
request_headers.removeConnection();
request_headers.removeUpgrade();

if (Runtime::runtimeFeatureEnabled("envoy.reloadable_features.sanitize_te")) {
request_headers.removeTE();
auto teHeader = request_headers.getTEValue();
quantumsheep marked this conversation as resolved.
Show resolved Hide resolved
quantumsheep marked this conversation as resolved.
Show resolved Hide resolved

if (!teHeader.empty()) {
auto hasTrailersTE = false;

auto teValues = absl::StrSplit(, ",");
for (const auto& teValue : teValues) {
auto parts = absl::StrSplit(teValue, ";"); // Handles cases like "chunked, trailers;q=0.5"
quantumsheep marked this conversation as resolved.
Show resolved Hide resolved
auto value = absl::StripAsciiWhitespace(parts[0]);

if (value == Http::Headers::get().TEValues.Trailers) {
hasTrailersTE = true;
break;
}
}

if (hasTrailersTE) {
request_headers.setTE(Http::Headers::get().TEValues.Trailers);
} else {
request_headers.removeTE();
}
}
quantumsheep marked this conversation as resolved.
Show resolved Hide resolved
}
}

Expand Down
46 changes: 46 additions & 0 deletions test/integration/protocol_integration_test.cc
Original file line number Diff line number Diff line change
Expand Up @@ -809,6 +809,52 @@ TEST_P(DownstreamProtocolIntegrationTest, TeSanitization) {
EXPECT_EQ("", upstream_headers->getTEValue());
}

TEST_P(DownstreamProtocolIntegrationTest, TeSanitizationTrailers) {
if (downstreamProtocol() != Http::CodecType::HTTP1) {
return;
}

autonomous_upstream_ = true;
config_helper_.addRuntimeOverride("envoy.reloadable_features.sanitize_te", "true");

default_request_headers_.setTE("trailers");

initialize();
codec_client_ = makeHttpConnection(lookupPort("http"));
auto response = codec_client_->makeHeaderOnlyRequest(default_request_headers_);
ASSERT_TRUE(response->waitForEndStream());
EXPECT_TRUE(response->complete());
EXPECT_EQ("200", response->headers().getStatusValue());

auto upstream_headers =
reinterpret_cast<AutonomousUpstream*>(fake_upstreams_[0].get())->lastRequestHeaders();
EXPECT_TRUE(upstream_headers != nullptr);
EXPECT_EQ("trailers", upstream_headers->getTEValue());
}

TEST_P(DownstreamProtocolIntegrationTest, TeSanitizationTrailersMultipleValuesAndWeigthted) {
if (downstreamProtocol() != Http::CodecType::HTTP1) {
return;
}

autonomous_upstream_ = true;
config_helper_.addRuntimeOverride("envoy.reloadable_features.sanitize_te", "true");

default_request_headers_.setTE("chunked;q=0.8 , trailers ;q=0.5,deflate ");

initialize();
codec_client_ = makeHttpConnection(lookupPort("http"));
auto response = codec_client_->makeHeaderOnlyRequest(default_request_headers_);
ASSERT_TRUE(response->waitForEndStream());
EXPECT_TRUE(response->complete());
EXPECT_EQ("200", response->headers().getStatusValue());

auto upstream_headers =
reinterpret_cast<AutonomousUpstream*>(fake_upstreams_[0].get())->lastRequestHeaders();
EXPECT_TRUE(upstream_headers != nullptr);
EXPECT_EQ("trailers", upstream_headers->getTEValue());
}

// Regression test for https://github.com/envoyproxy/envoy/issues/10270
TEST_P(ProtocolIntegrationTest, LongHeaderValueWithSpaces) {
// Header with at least 20kb of spaces surrounded by non-whitespace characters to ensure that
Expand Down
Loading