fixed: oxy not forwarding IP info to ws backend #129
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
itsai220
added a commit
that referenced
this pull request
Jun 16, 2021
* remod: update aporeto dependencies * remod: update aporeto dependencies * Skip codecov uploads (#121) * remod: update aporeto dependencies * fixed: security audit findings (#127) * doc: added comment on how to implement CRL check using the MTLS authorizer * new: differentiate * and mirror for CORSOrigin. * new: option to control Allow Credential header * travis: added new go version * fixed: workaround oxy not forwarding IP info to ws backend (#129) * fixed: always strip the internal ws marker header * fix/race: Fix a data race access to the moving average pointer (#131) * fix/race: Fix a data race access to the moving average pointer * Fix the race in the array by passing a proper copy * fix/test: Forgot a commit in previous PR * Set up a GitHub action and start uploading coverage to Codacy (#132) * Add Codacy badges (#134) * chore/codacy: Ignore test assets * remod up Co-authored-by: Antoine Mercadal <antoine@inframonde.me> Co-authored-by: Kevin Cantú <kcantu@paloaltonetworks.com> Co-authored-by: primalmotion <208711+primalmotion@users.noreply.github.com> Co-authored-by: Cyril Peponnet <cyril@peponnet.fr>
itsai220
added a commit
that referenced
this pull request
Jul 13, 2021
* remod: update aporeto dependencies * remod: update aporeto dependencies * Skip codecov uploads (#121) * remod: update aporeto dependencies * fixed: security audit findings (#127) * doc: added comment on how to implement CRL check using the MTLS authorizer * new: differentiate * and mirror for CORSOrigin. * new: option to control Allow Credential header * travis: added new go version * fixed: workaround oxy not forwarding IP info to ws backend (#129) * fixed: always strip the internal ws marker header * fix/race: Fix a data race access to the moving average pointer (#131) * fix/race: Fix a data race access to the moving average pointer * Fix the race in the array by passing a proper copy * fix/test: Forgot a commit in previous PR * Set up a GitHub action and start uploading coverage to Codacy (#132) * Add Codacy badges (#134) * chore/codacy: Ignore test assets * remod: update aporeto dependencies Co-authored-by: Antoine Mercadal <antoine@inframonde.me> Co-authored-by: Kevin Cantú <kcantu@paloaltonetworks.com> Co-authored-by: primalmotion <208711+primalmotion@users.noreply.github.com> Co-authored-by: Cyril Peponnet <cyril@peponnet.fr> Co-authored-by: Primalmotion <primalmotion@pm.me>
itsai220
added a commit
that referenced
this pull request
Aug 4, 2021
* remod: update aporeto dependencies * remod: update aporeto dependencies * Skip codecov uploads (#121) * remod: update aporeto dependencies * fixed: security audit findings (#127) * doc: added comment on how to implement CRL check using the MTLS authorizer * new: differentiate * and mirror for CORSOrigin. * new: option to control Allow Credential header * travis: added new go version * fixed: workaround oxy not forwarding IP info to ws backend (#129) * fixed: always strip the internal ws marker header * fix/race: Fix a data race access to the moving average pointer (#131) * fix/race: Fix a data race access to the moving average pointer * Fix the race in the array by passing a proper copy * fix/test: Forgot a commit in previous PR * Set up a GitHub action and start uploading coverage to Codacy (#132) * Add Codacy badges (#134) * chore/codacy: Ignore test assets * remod: update aporeto dependencies * fixed: always reset secret before pushing (#139) * fixed: always reset secret before pushing * test: validate no secret leak Co-authored-by: Antoine Mercadal <antoine@inframonde.me> Co-authored-by: Kevin Cantú <kcantu@paloaltonetworks.com> Co-authored-by: primalmotion <208711+primalmotion@users.noreply.github.com> Co-authored-by: Cyril Peponnet <cyril@peponnet.fr> Co-authored-by: Primalmotion <primalmotion@pm.me>
itsai220
added a commit
that referenced
this pull request
Sep 1, 2021
* remod: update aporeto dependencies * remod: update aporeto dependencies * Skip codecov uploads (#121) * remod: update aporeto dependencies * fixed: security audit findings (#127) * doc: added comment on how to implement CRL check using the MTLS authorizer * new: differentiate * and mirror for CORSOrigin. * new: option to control Allow Credential header * travis: added new go version * fixed: workaround oxy not forwarding IP info to ws backend (#129) * fixed: always strip the internal ws marker header * fix/race: Fix a data race access to the moving average pointer (#131) * fix/race: Fix a data race access to the moving average pointer * Fix the race in the array by passing a proper copy * fix/test: Forgot a commit in previous PR * Set up a GitHub action and start uploading coverage to Codacy (#132) * Add Codacy badges (#134) * chore/codacy: Ignore test assets * remod: update aporeto dependencies * fixed: always reset secret before pushing (#139) * fixed: always reset secret before pushing * test: validate no secret leak * fixed: single mock package (#143) This is causing trouble with the mathematicality of go module... Also bump zap * fixed: bump nats-server version (#144) * * fixed/gateway: rate limiting not active on websocket (#142) This patch fixes a bug where the per-client rate limiter was not used by the ws forwarding * new: added metric manager for global tcp and source limiters The OptionGlobalTCPLimiterMetricManager and OptionSourceRateLimiterMetricManager can be used to set an implementer of LimiterMatricManager to report metrics on total, accepted and limited connections. Co-authored-by: Antoine Mercadal <antoine@inframonde.me> Co-authored-by: Kevin Cantú <kcantu@paloaltonetworks.com> Co-authored-by: primalmotion <208711+primalmotion@users.noreply.github.com> Co-authored-by: Cyril Peponnet <cyril@peponnet.fr> Co-authored-by: Primalmotion <primalmotion@pm.me>
CyrilPeponnet
added a commit
that referenced
this pull request
Oct 11, 2021
* remod: update aporeto dependencies * remod: update aporeto dependencies * Skip codecov uploads (#121) * remod: update aporeto dependencies * fixed: security audit findings (#127) * doc: added comment on how to implement CRL check using the MTLS authorizer * new: differentiate * and mirror for CORSOrigin. * new: option to control Allow Credential header * travis: added new go version * fixed: workaround oxy not forwarding IP info to ws backend (#129) * fixed: always strip the internal ws marker header * fix/race: Fix a data race access to the moving average pointer (#131) * fix/race: Fix a data race access to the moving average pointer * Fix the race in the array by passing a proper copy * fix/test: Forgot a commit in previous PR * Set up a GitHub action and start uploading coverage to Codacy (#132) * Add Codacy badges (#134) * chore/codacy: Ignore test assets * remod: update aporeto dependencies * fixed: always reset secret before pushing (#139) * fixed: always reset secret before pushing * test: validate no secret leak * fixed: single mock package (#143) This is causing trouble with the mathematicality of go module... Also bump zap * fixed: bump nats-server version (#144) * * fixed/gateway: rate limiting not active on websocket (#142) This patch fixes a bug where the per-client rate limiter was not used by the ws forwarding * new: added metric manager for global tcp and source limiters The OptionGlobalTCPLimiterMetricManager and OptionSourceRateLimiterMetricManager can be used to set an implementer of LimiterMatricManager to report metrics on total, accepted and limited connections. * remod: update aporeto dependencies * remod: update aporeto dependencies Co-authored-by: Antoine Mercadal <antoine@inframonde.me> Co-authored-by: Kevin Cantú <kcantu@paloaltonetworks.com> Co-authored-by: primalmotion <208711+primalmotion@users.noreply.github.com> Co-authored-by: Cyril Peponnet <cyril@peponnet.fr> Co-authored-by: Primalmotion <primalmotion@pm.me> Co-authored-by: Antoine Mercadal <antoine@aporeto.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This patch adds a header marker in the incoming request that are planned to be upgraded to websockets. This marker will be used to decide to set X-Forwarded-For header on the internal request rewriter.
This will make sure the ws backend receives a correct X-Forwarded-For header