http: allow ignoring unknown upgrade requests #37150
Conversation
Fixes envoyproxy#36305 Signed-off-by: Greg Greenway <[email protected]>
|
CC @envoyproxy/api-shepherds: Your approval is needed for changes made to |
|
Initial questions:
|
|
cc @RyanTheOptimist for spec thoughts |
There was a problem hiding this comment.
I'm fine with this conceptually but as commented would like @RyanTheOptimist (or @DavidSchinazi but he's less likely to respond) thoughts from a spec perspective
and tests, obviously but it's still a draft so can wait for those =P
api/envoy/extensions/filters/network/http_connection_manager/v3/http_connection_manager.proto
Show resolved
Hide resolved
| // If enabled, Envoy will ignore upgrade requests of this type. It is invalid to set both this option and | ||
| // :ref:`enabled <envoy_v3_api_field_extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.UpgradeConfig.enabled>` | ||
| // to true. | ||
| google.protobuf.BoolValue ignore = 4; |
There was a problem hiding this comment.
actually follow-up on that, do we have or need a way to ignore for all types?
There was a problem hiding this comment.
What do you mean by "ignore for all types"? If you mean "ignore all upgrade requests", that's https://github.com/envoyproxy/envoy/pull/37150/files#diff-4b0f0f4bf391293548732ba0dac7ea417d196e9e5bb87ad4041850f453a982f5R802. If that's not what you meant, please clarify the question.
| @@ -100,17 +100,24 @@ class FilterChainFactory { | |||
| createFilterChain(FilterChainManager& manager, bool only_create_if_configured = false, | |||
| const FilterChainOptions& options = EmptyFilterChainOptions{}) const PURE; | |||
|
|
|||
| enum class UpgradeAction { | |||
There was a problem hiding this comment.
I think move the comments below up here in case the enum gets used multiple places
|
Yes, Upgrade is HTTP/1 only. However Extended CONNECT provides similar capabilities for H2 and H3. Do we have a similar configuration method for this? |
Fixes #36305
Add configuration to ignore either all unknown upgrade requests, or specific upgrade requests. This is allowed in https://datatracker.ietf.org/doc/html/rfc7230#section-6.7:
A server MAY ignore a received Upgrade
header field if it wishes to continue using the current protocol on
that connection.
Risk Level: Medium
Testing: TODO
Docs Changes:
Release Notes: TODO