New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
MAISTRA-1739 Fix validation of AuthorizationPolicy fields #157
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can we add a unit or integration test to validate this feature?
Good point. I added a test |
/retest |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM. Just one minor fix needed in code comment.
pkg/config/security/security.go
Outdated
attrConnSNI = "connection.sni" // server name indication, e.g. "www.example.com". | ||
attrExperimental = "experimental.envoy.filters." | ||
attrRequestHeader = "request.headers" // header name is surrounded by brackets, e.g. "request.headers[User-Agent]". | ||
attrRequestHeaderRegex = "request.regex.headers" // header name is surrounded by brackets, e.g. "request.headers[User-Agent]". |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Comment is the same as in the previous line - should be request.regex.headers[User-Agent]
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Whoops. Thanks!
It would previously detect request.regex.headers as invalid, even though it is supported.
/retest |
It would previously detect request.regex.headers as invalid, even though it is supported. Cherry-pick of MAISTRA-1739 (maistra#157)
It would previously detect request.regex.headers as invalid, even though it is supported. Cherry-pick of MAISTRA-1739 (maistra#157)
It would previously detect request.regex.headers as invalid, even though it is supported. Cherry-pick of MAISTRA-1739 (#157)
Rework of this for 1.6 rebase. Adapted from: b0f47f2 MAISTRA-2010 Fix validation of AuthorizationPolicy fields (maistra#207) It would previously detect request.regex.headers as invalid, even though it is supported. Cherry-pick of MAISTRA-1739 (maistra#157)
…stra#236) Rework of this for 1.6 rebase. Adapted from: b0f47f2 MAISTRA-2010 Fix validation of AuthorizationPolicy fields (maistra#207) It would previously detect request.regex.headers as invalid, even though it is supported. Cherry-pick of MAISTRA-1739 (maistra#157) Co-authored-by: Brad Ison <brad.ison@redhat.com>
…stra#236) Rework of this for 1.6 rebase. Adapted from: b0f47f2 MAISTRA-2010 Fix validation of AuthorizationPolicy fields (maistra#207) It would previously detect request.regex.headers as invalid, even though it is supported. Cherry-pick of MAISTRA-1739 (maistra#157) Co-authored-by: Brad Ison <brad.ison@redhat.com>
…stra#236) Rework of this for 1.6 rebase. Adapted from: b0f47f2 MAISTRA-2010 Fix validation of AuthorizationPolicy fields (maistra#207) It would previously detect request.regex.headers as invalid, even though it is supported. Cherry-pick of MAISTRA-1739 (maistra#157) Co-authored-by: Brad Ison <brad.ison@redhat.com>
…stra#236) Rework of this for 1.6 rebase. Adapted from: b0f47f2 MAISTRA-2010 Fix validation of AuthorizationPolicy fields (maistra#207) It would previously detect request.regex.headers as invalid, even though it is supported. Cherry-pick of MAISTRA-1739 (maistra#157) Co-authored-by: Brad Ison <brad.ison@redhat.com>
…stra#236) Rework of this for 1.6 rebase. Adapted from: b0f47f2 MAISTRA-2010 Fix validation of AuthorizationPolicy fields (maistra#207) It would previously detect request.regex.headers as invalid, even though it is supported. Cherry-pick of MAISTRA-1739 (maistra#157) Co-authored-by: Brad Ison <brad.ison@redhat.com>
…stra#236) Rework of this for 1.6 rebase. Adapted from: b0f47f2 MAISTRA-2010 Fix validation of AuthorizationPolicy fields (maistra#207) It would previously detect request.regex.headers as invalid, even though it is supported. Cherry-pick of MAISTRA-1739 (maistra#157) Co-authored-by: Brad Ison <brad.ison@redhat.com>
…stra#236) Rework of this for 1.6 rebase. Adapted from: b0f47f2 MAISTRA-2010 Fix validation of AuthorizationPolicy fields (maistra#207) It would previously detect request.regex.headers as invalid, even though it is supported. Cherry-pick of MAISTRA-1739 (maistra#157) Co-authored-by: Brad Ison <brad.ison@redhat.com>
…stra#236) Rework of this for 1.6 rebase. Adapted from: b0f47f2 MAISTRA-2010 Fix validation of AuthorizationPolicy fields (maistra#207) It would previously detect request.regex.headers as invalid, even though it is supported. Cherry-pick of MAISTRA-1739 (maistra#157) Co-authored-by: Brad Ison <brad.ison@redhat.com>
…stra#236) Rework of this for 1.6 rebase. Adapted from: b0f47f2 MAISTRA-2010 Fix validation of AuthorizationPolicy fields (maistra#207) It would previously detect request.regex.headers as invalid, even though it is supported. Cherry-pick of MAISTRA-1739 (maistra#157) Co-authored-by: Brad Ison <brad.ison@redhat.com>
…stra#236) Rework of this for 1.6 rebase. Adapted from: b0f47f2 MAISTRA-2010 Fix validation of AuthorizationPolicy fields (maistra#207) It would previously detect request.regex.headers as invalid, even though it is supported. Cherry-pick of MAISTRA-1739 (maistra#157) Co-authored-by: Brad Ison <brad.ison@redhat.com>
…stra#236) Rework of this for 1.6 rebase. Adapted from: b0f47f2 MAISTRA-2010 Fix validation of AuthorizationPolicy fields (maistra#207) It would previously detect request.regex.headers as invalid, even though it is supported. Cherry-pick of MAISTRA-1739 (maistra#157) Co-authored-by: Brad Ison <brad.ison@redhat.com>
…stra#236) Rework of this for 1.6 rebase. Adapted from: b0f47f2 MAISTRA-2010 Fix validation of AuthorizationPolicy fields (maistra#207) It would previously detect request.regex.headers as invalid, even though it is supported. Cherry-pick of MAISTRA-1739 (maistra#157) Co-authored-by: Brad Ison <brad.ison@redhat.com>
…stra#236) Rework of this for 1.6 rebase. Adapted from: b0f47f2 MAISTRA-2010 Fix validation of AuthorizationPolicy fields (maistra#207) It would previously detect request.regex.headers as invalid, even though it is supported. Cherry-pick of MAISTRA-1739 (maistra#157) Co-authored-by: Brad Ison <brad.ison@redhat.com>
… (#544) Rework of this for 1.6 rebase. Adapted from: b0f47f2 MAISTRA-2010 Fix validation of AuthorizationPolicy fields (#207) It would previously detect request.regex.headers as invalid, even though it is supported. Cherry-pick of MAISTRA-1739 (#157) Co-authored-by: Brad Ison <brad.ison@redhat.com> Co-authored-by: Brian Avery <bavery@redhat.com> Co-authored-by: Brad Ison <brad.ison@redhat.com>
…stra#236) (maistra#544) Rework of this for 1.6 rebase. Adapted from: b0f47f2 MAISTRA-2010 Fix validation of AuthorizationPolicy fields (maistra#207) It would previously detect request.regex.headers as invalid, even though it is supported. Cherry-pick of MAISTRA-1739 (maistra#157) Co-authored-by: Brad Ison <brad.ison@redhat.com> Co-authored-by: Brian Avery <bavery@redhat.com> Co-authored-by: Brad Ison <brad.ison@redhat.com>
…stra#236) (maistra#544) Rework of this for 1.6 rebase. Adapted from: b0f47f2 MAISTRA-2010 Fix validation of AuthorizationPolicy fields (maistra#207) It would previously detect request.regex.headers as invalid, even though it is supported. Cherry-pick of MAISTRA-1739 (maistra#157) Co-authored-by: Brad Ison <brad.ison@redhat.com> Co-authored-by: Brian Avery <bavery@redhat.com> Co-authored-by: Brad Ison <brad.ison@redhat.com>
…stra#236) (maistra#544) Rework of this for 1.6 rebase. Adapted from: b0f47f2 MAISTRA-2010 Fix validation of AuthorizationPolicy fields (maistra#207) It would previously detect request.regex.headers as invalid, even though it is supported. Cherry-pick of MAISTRA-1739 (maistra#157) Co-authored-by: Brad Ison <brad.ison@redhat.com> Co-authored-by: Brian Avery <bavery@redhat.com> Co-authored-by: Brad Ison <brad.ison@redhat.com>
…stra#236) (maistra#544) Rework of this for 1.6 rebase. Adapted from: b0f47f2 MAISTRA-2010 Fix validation of AuthorizationPolicy fields (maistra#207) It would previously detect request.regex.headers as invalid, even though it is supported. Cherry-pick of MAISTRA-1739 (maistra#157) Co-authored-by: Brad Ison <brad.ison@redhat.com> Co-authored-by: Brian Avery <bavery@redhat.com> Co-authored-by: Brad Ison <brad.ison@redhat.com>
…stra#236) (maistra#544) Rework of this for 1.6 rebase. Adapted from: b0f47f2 MAISTRA-2010 Fix validation of AuthorizationPolicy fields (maistra#207) It would previously detect request.regex.headers as invalid, even though it is supported. Cherry-pick of MAISTRA-1739 (maistra#157) Co-authored-by: Brad Ison <brad.ison@redhat.com> Co-authored-by: Brian Avery <bavery@redhat.com> Co-authored-by: Brad Ison <brad.ison@redhat.com>
…stra#236) (maistra#544) Rework of this for 1.6 rebase. Adapted from: b0f47f2 MAISTRA-2010 Fix validation of AuthorizationPolicy fields (maistra#207) It would previously detect request.regex.headers as invalid, even though it is supported. Cherry-pick of MAISTRA-1739 (maistra#157) Co-authored-by: Brad Ison <brad.ison@redhat.com> Co-authored-by: Brian Avery <bavery@redhat.com> Co-authored-by: Brad Ison <brad.ison@redhat.com>
…ers (maistra#236) (maistra#544) Rework of this for 1.6 rebase. Adapted from: b0f47f2 MAISTRA-2010 Fix validation of AuthorizationPolicy fields (maistra#207) It would previously detect request.regex.headers as invalid, even though it is supported. Cherry-pick of MAISTRA-1739 (maistra#157) Co-authored-by: Brad Ison <brad.ison@redhat.com> Co-authored-by: Brian Avery <bavery@redhat.com> Co-authored-by: Brad Ison <brad.ison@redhat.com>
…ers (maistra#236) (maistra#544) Rework of this for 1.6 rebase. Adapted from: b0f47f2 MAISTRA-2010 Fix validation of AuthorizationPolicy fields (maistra#207) It would previously detect request.regex.headers as invalid, even though it is supported. Cherry-pick of MAISTRA-1739 (maistra#157) Co-authored-by: Brad Ison <brad.ison@redhat.com> Co-authored-by: Brian Avery <bavery@redhat.com> Co-authored-by: Brad Ison <brad.ison@redhat.com>
…ers (maistra#236) (maistra#544) Rework of this for 1.6 rebase. Adapted from: b0f47f2 MAISTRA-2010 Fix validation of AuthorizationPolicy fields (maistra#207) It would previously detect request.regex.headers as invalid, even though it is supported. Cherry-pick of MAISTRA-1739 (maistra#157) Co-authored-by: Brad Ison <brad.ison@redhat.com> Co-authored-by: Brian Avery <bavery@redhat.com> Co-authored-by: Brad Ison <brad.ison@redhat.com>
…ers (#236) (#544) Rework of this for 1.6 rebase. Adapted from: b0f47f2 MAISTRA-2010 Fix validation of AuthorizationPolicy fields (#207) It would previously detect request.regex.headers as invalid, even though it is supported. Cherry-pick of MAISTRA-1739 (#157) Co-authored-by: Brad Ison <brad.ison@redhat.com> Co-authored-by: Brian Avery <bavery@redhat.com> Co-authored-by: Brad Ison <brad.ison@redhat.com>
…ers (maistra#236) (maistra#544) Rework of this for 1.6 rebase. Adapted from: b0f47f2 MAISTRA-2010 Fix validation of AuthorizationPolicy fields (maistra#207) It would previously detect request.regex.headers as invalid, even though it is supported. Cherry-pick of MAISTRA-1739 (maistra#157) Co-authored-by: Brad Ison <brad.ison@redhat.com> Co-authored-by: Brian Avery <bavery@redhat.com> Co-authored-by: Brad Ison <brad.ison@redhat.com>
…ers (#236) (#544) (#712) Rework of this for 1.6 rebase. Adapted from: b0f47f2 MAISTRA-2010 Fix validation of AuthorizationPolicy fields (#207) It would previously detect request.regex.headers as invalid, even though it is supported. Cherry-pick of MAISTRA-1739 (#157) Co-authored-by: Brad Ison <brad.ison@redhat.com> Co-authored-by: Brian Avery <bavery@redhat.com> Co-authored-by: Brad Ison <brad.ison@redhat.com> Co-authored-by: Jacek Ewertowski <jewertow@redhat.com> Co-authored-by: Brian Avery <bavery@redhat.com> Co-authored-by: Brad Ison <brad.ison@redhat.com>
…ers (maistra#236) (maistra#544) (maistra#712) Rework of this for 1.6 rebase. Adapted from: b0f47f2 MAISTRA-2010 Fix validation of AuthorizationPolicy fields (maistra#207) It would previously detect request.regex.headers as invalid, even though it is supported. Cherry-pick of MAISTRA-1739 (maistra#157) Co-authored-by: Brad Ison <brad.ison@redhat.com> Co-authored-by: Brian Avery <bavery@redhat.com> Co-authored-by: Brad Ison <brad.ison@redhat.com> Co-authored-by: Jacek Ewertowski <jewertow@redhat.com> Co-authored-by: Brian Avery <bavery@redhat.com> Co-authored-by: Brad Ison <brad.ison@redhat.com>
…ers (maistra#236) (maistra#544) (maistra#712) Rework of this for 1.6 rebase. Adapted from: b0f47f2 MAISTRA-2010 Fix validation of AuthorizationPolicy fields (maistra#207) It would previously detect request.regex.headers as invalid, even though it is supported. Cherry-pick of MAISTRA-1739 (maistra#157) Co-authored-by: Brad Ison <brad.ison@redhat.com> Co-authored-by: Brian Avery <bavery@redhat.com> Co-authored-by: Brad Ison <brad.ison@redhat.com> Co-authored-by: Jacek Ewertowski <jewertow@redhat.com> Co-authored-by: Brian Avery <bavery@redhat.com> Co-authored-by: Brad Ison <brad.ison@redhat.com>
…ers (#236) (#544) (#712) Rework of this for 1.6 rebase. Adapted from: b0f47f2 MAISTRA-2010 Fix validation of AuthorizationPolicy fields (#207) It would previously detect request.regex.headers as invalid, even though it is supported. Cherry-pick of MAISTRA-1739 (#157) Co-authored-by: Brad Ison <brad.ison@redhat.com> Co-authored-by: Brian Avery <bavery@redhat.com> Co-authored-by: Brad Ison <brad.ison@redhat.com> Co-authored-by: Jacek Ewertowski <jewertow@redhat.com> Co-authored-by: Brian Avery <bavery@redhat.com> Co-authored-by: Brad Ison <brad.ison@redhat.com>
It would previously detect the field
request.regex.headers
as invalid, even though it is supported.I'm adding a hold as this will only go into 1.1.8