Description:
Envoy Gateway currently derives the session persistence cookie Path from the matched HTTPRoute path.
This becomes a problem when traffic is rewritten at an edge layer before it reaches Envoy Gateway.
Example flow:
- A client sends a request to https://example.com/
- An upstream edge/proxy rewrites that request to https://example.com/foo/bar
- Envoy Gateway matches the rewritten path /foo/bar
- sessionPersistence sets a cookie with Path=/foo/bar
- On the next request to https://example.com/, the browser does not send that cookie back because cookie path matching does not include /
- As a result, sticky sessions break even though the user-facing URL is still rooted at /.
Possible workaround:
- Enhance sessionPersistence in HTTPRoute to add support for modifying Path attribute - this needs Gateway API upstream change
- Add a similar config in BackendTrafficPolicy to allow for more flexibility of updating cookie attributes like here
[optional Relevant Links:]
Any extra documentation required to understand the issue.
Description:
Envoy Gateway currently derives the session persistence cookie Path from the matched HTTPRoute path.
This becomes a problem when traffic is rewritten at an edge layer before it reaches Envoy Gateway.
Example flow:
Possible workaround:
[optional Relevant Links:]