http: limiting number and size of user defined headers (grpc#4525)

limiting user defined header alterations to 25 alterations (add/remove request/response headers) and 1024 bytes per alteration. Risk Level: medium (if someone needs higher limits we can roll back and roll forward with new values) Testing: new unit tests of one of the 17 fields affected Release Notes: noted the new limitations Fixes grpc#4268 Signed-off-by: Alyssa Wilk <alyssar@chromium.org> Mirrored from https://github.com/envoyproxy/envoy @ b9bee1e649399f838b23cb1cedfba888e1925605
lidizheng · Oct 11, 2018 · cd0ef75 · cd0ef75
1 parent b807715
commit cd0ef75
Show file tree

Hide file tree

Showing 4 changed files with 21 additions and 11 deletions.
diff --git a/envoy/api/v2/core/base.proto b/envoy/api/v2/core/base.proto
@@ -136,14 +136,14 @@ enum RequestMethod {
 // Header name/value pair.
 message HeaderValue {
   // Header name.
-  string key = 1 [(validate.rules).string.min_bytes = 1];
+  string key = 1 [(validate.rules).string = {min_bytes: 1, max_bytes: 16384}];
 
   // Header value.
   //
   // The same :ref:`format specifier <config_access_log_format>` as used for
   // :ref:`HTTP access logging <config_access_log>` applies here, however
   // unknown header values are replaced with the empty string instead of `-`.
-  string value = 2;
+  string value = 2 [(validate.rules).string.max_bytes = 16384];
 }
 
 // Header name/value pair plus option to control append behavior.

diff --git a/envoy/api/v2/core/health_check.proto b/envoy/api/v2/core/health_check.proto
@@ -105,7 +105,8 @@ message HealthCheck {
     // health checked cluster. For more information, including details on header value syntax, see
     // the documentation on :ref:`custom request headers
     // <config_http_conn_man_headers_custom_request_headers>`.
-    repeated core.HeaderValueOption request_headers_to_add = 6;
+    repeated core.HeaderValueOption request_headers_to_add = 6
+        [(validate.rules).repeated .max_items = 1000];
 
     // Specifies a list of HTTP headers that should be removed from each request that is sent to the
     // health checked cluster.

diff --git a/envoy/api/v2/rds.proto b/envoy/api/v2/rds.proto
@@ -11,6 +11,7 @@ import "envoy/api/v2/route/route.proto";
 import "google/api/annotations.proto";
 import "google/protobuf/wrappers.proto";
 
+import "validate/validate.proto";
 import "gogoproto/gogo.proto";
 
 option (gogoproto.equal_all) = true;
@@ -63,7 +64,8 @@ message RouteConfiguration {
   // :ref:`envoy_api_msg_route.RouteAction`. For more information, including details on
   // header value syntax, see the documentation on :ref:`custom request headers
   // <config_http_conn_man_headers_custom_request_headers>`.
-  repeated core.HeaderValueOption response_headers_to_add = 4;
+  repeated core.HeaderValueOption response_headers_to_add = 4
+      [(validate.rules).repeated .max_items = 1000];
 
   // Specifies a list of HTTP headers that should be removed from each response
   // that the connection manager encodes.
@@ -75,7 +77,8 @@ message RouteConfiguration {
   // :ref:`envoy_api_msg_route.RouteAction`. For more information, including details on
   // header value syntax, see the documentation on :ref:`custom request headers
   // <config_http_conn_man_headers_custom_request_headers>`.
-  repeated core.HeaderValueOption request_headers_to_add = 6;
+  repeated core.HeaderValueOption request_headers_to_add = 6
+      [(validate.rules).repeated .max_items = 1000];
 
   // Specifies a list of HTTP headers that should be removed from each request
   // routed by the HTTP connection manager.

diff --git a/envoy/api/v2/route/route.proto b/envoy/api/v2/route/route.proto
@@ -80,7 +80,8 @@ message VirtualHost {
   // enclosing :ref:`envoy_api_msg_RouteConfiguration`. For more information, including
   // details on header value syntax, see the documentation on :ref:`custom request headers
   // <config_http_conn_man_headers_custom_request_headers>`.
-  repeated core.HeaderValueOption request_headers_to_add = 7;
+  repeated core.HeaderValueOption request_headers_to_add = 7
+      [(validate.rules).repeated .max_items = 1000];
 
   // Specifies a list of HTTP headers that should be removed from each request
   // handled by this virtual host.
@@ -92,7 +93,8 @@ message VirtualHost {
   // enclosing :ref:`envoy_api_msg_RouteConfiguration`. For more information, including
   // details on header value syntax, see the documentation on :ref:`custom request headers
   // <config_http_conn_man_headers_custom_request_headers>`.
-  repeated core.HeaderValueOption response_headers_to_add = 10;
+  repeated core.HeaderValueOption response_headers_to_add = 10
+      [(validate.rules).repeated .max_items = 1000];
 
   // Specifies a list of HTTP headers that should be removed from each response
   // handled by this virtual host.
@@ -171,7 +173,8 @@ message Route {
   // :ref:`envoy_api_msg_RouteConfiguration`. For more information, including details on
   // header value syntax, see the documentation on :ref:`custom request headers
   // <config_http_conn_man_headers_custom_request_headers>`.
-  repeated core.HeaderValueOption request_headers_to_add = 9;
+  repeated core.HeaderValueOption request_headers_to_add = 9
+      [(validate.rules).repeated .max_items = 1000];
 
   // Specifies a list of HTTP headers that should be removed from each request
   // matching this route.
@@ -183,7 +186,8 @@ message Route {
   // :ref:`envoy_api_msg_RouteConfiguration`. For more information, including
   // details on header value syntax, see the documentation on
   // :ref:`custom request headers <config_http_conn_man_headers_custom_request_headers>`.
-  repeated core.HeaderValueOption response_headers_to_add = 10;
+  repeated core.HeaderValueOption response_headers_to_add = 10
+      [(validate.rules).repeated .max_items = 1000];
 
   // Specifies a list of HTTP headers that should be removed from each response
   // to requests matching this route.
@@ -223,7 +227,8 @@ message WeightedCluster {
     // :ref:`envoy_api_msg_RouteConfiguration`. For more information, including details on
     // header value syntax, see the documentation on :ref:`custom request headers
     // <config_http_conn_man_headers_custom_request_headers>`.
-    repeated core.HeaderValueOption request_headers_to_add = 4;
+    repeated core.HeaderValueOption request_headers_to_add = 4
+        [(validate.rules).repeated .max_items = 1000];
 
     // Specifies a list of HTTP headers that should be removed from each request when
     // this cluster is selected through the enclosing :ref:`envoy_api_msg_route.RouteAction`.
@@ -236,7 +241,8 @@ message WeightedCluster {
     // :ref:`envoy_api_msg_RouteConfiguration`. For more information, including details on
     // header value syntax, see the documentation on :ref:`custom request headers
     // <config_http_conn_man_headers_custom_request_headers>`.
-    repeated core.HeaderValueOption response_headers_to_add = 5;
+    repeated core.HeaderValueOption response_headers_to_add = 5
+        [(validate.rules).repeated .max_items = 1000];
 
     // Specifies a list of headers to be removed from responses when this cluster is selected
     // through the enclosing :ref:`envoy_api_msg_route.RouteAction`.