New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Allow preservation of trailing slashes on TLS redirects via annotation. #7144
Changes from 1 commit
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change | ||||
---|---|---|---|---|---|---|
|
@@ -147,9 +147,11 @@ function _M.rewrite(location_config) | |||||
|
||||||
if redirect_to_https(location_config) then | ||||||
local request_uri = ngx.var.request_uri | ||||||
-- do not append a trailing slash on redirects | ||||||
if string.sub(request_uri, -1) == "/" then | ||||||
request_uri = string.sub(request_uri, 1, -2) | ||||||
-- do not append a trailing slash on redirects unless enabled by annotations | ||||||
if location_config.preserve_trailing_slash == false then | ||||||
if string.sub(request_uri, -1) == "/" then | ||||||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more.
Suggested change
Use There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. updated, thaanks. There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Missed this comment! :D |
||||||
request_uri = string.sub(request_uri, 1, -2) | ||||||
end | ||||||
end | ||||||
|
||||||
local uri = string_format("https://%s%s", redirect_host(), request_uri) | ||||||
|
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,53 @@ | ||
/* | ||
Copyright 2018 The Kubernetes Authors. | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. 2018 -> 2021 There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. updated. |
||
|
||
Licensed under the Apache License, Version 2.0 (the "License"); | ||
you may not use this file except in compliance with the License. | ||
You may obtain a copy of the License at | ||
|
||
http://www.apache.org/licenses/LICENSE-2.0 | ||
|
||
Unless required by applicable law or agreed to in writing, software | ||
distributed under the License is distributed on an "AS IS" BASIS, | ||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
See the License for the specific language governing permissions and | ||
limitations under the License. | ||
*/ | ||
|
||
package annotations | ||
|
||
import ( | ||
"net/http" | ||
|
||
"github.com/onsi/ginkgo" | ||
|
||
"k8s.io/ingress-nginx/test/e2e/framework" | ||
) | ||
|
||
var _ = framework.DescribeAnnotation("preserve-trailing-slash", func() { | ||
f := framework.NewDefaultFramework("preservetrailingslash") | ||
|
||
ginkgo.BeforeEach(func() { | ||
f.NewEchoDeployment() | ||
}) | ||
|
||
ginkgo.It("should allow preservation of trailing slashes", func() { | ||
host := "forcesslredirect.bar.com" | ||
tlsHosts := []string{host} | ||
|
||
annotations := map[string]string{ | ||
"nginx.ingress.kubernetes.io/ssl-redirect": "true", | ||
"nginx.ingress.kubernetes.io/preserve-trailing-slash": "true", | ||
} | ||
|
||
ing := framework.NewSingleIngressWithTLS(host, "/", host, tlsHosts, f.Namespace, framework.EchoService, 80, annotations) | ||
f.EnsureIngress(ing) | ||
|
||
f.HTTPTestClient(). | ||
GET("/"). | ||
WithHeader("Host", host). | ||
Expect(). | ||
Status(http.StatusPermanentRedirect). | ||
Header("Location").Equal("https://forcesslredirect.bar.com/") | ||
}) | ||
}) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Should check the
err
from thessl-redirect
annotation parsing firstly, considering the following case:ssl-redirect
annotation is invalidpreserve-trailing-slash
is validso
err
will be reset tonil
and the error process was dismissed.There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
fixed, thanks.