New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Bug 1953113: template config - HSTS header's pattern accepts case insensitive and white spaces #298
Conversation
@alebedev87: This pull request references Bugzilla bug 1953113, which is invalid:
Comment In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
/bugzilla refresh |
@alebedev87: This pull request references Bugzilla bug 1953113, which is invalid:
Comment In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
/assign @candita |
a7a339a
to
659a402
Compare
/retest |
1 similar comment
/retest |
pkg/router/router_test.go
Outdated
@@ -277,6 +440,12 @@ func (e mustCreate) Apply(h *harness) error { | |||
return err | |||
} | |||
|
|||
type mustCreateWithConfig struct { | |||
mustCreate | |||
configPattern string |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The name is confusing; the test actually performs a substring search, not a pattern match (such as a regexp), right?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Indeed, it's not a regexp.
Didn't have many ideas for the name, renamed to configSnippet
. Tell me if you have better ideas.
…ensitive and white spaces
/retest |
/assign @Miciah |
}, | ||
tlsTermination: routev1.TLSTerminationEdge, | ||
}, | ||
configSnippet: `http-response set-header Strict-Transport-Security 'min-age=99999'`, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can we check for just the substring "http-response set-header Strict-Transport-Security" to make sure there are no false negatives?
configSnippet: `http-response set-header Strict-Transport-Security 'min-age=99999'`, | |
configSnippet: `http-response set-header Strict-Transport-Security`, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Oh, the state isn't cleared between test cases, is it? So with my suggestion, this test case would always fail.
}, | ||
tlsTermination: routev1.TLSTerminationEdge, | ||
}, | ||
configSnippet: `http-response set-header Strict-Transport-Security 'max-age=99999;includesubdomains;preload;wrongdirective'`, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
configSnippet: `http-response set-header Strict-Transport-Security 'max-age=99999;includesubdomains;preload;wrongdirective'`, | |
configSnippet: `http-response set-header Strict-Transport-Security`, |
Thanks! I love the improved test coverage! |
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: alebedev87, Miciah The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
/bugzilla refresh |
@Miciah: This pull request references Bugzilla bug 1953113, which is valid. The bug has been moved to the POST state. The bug has been updated to refer to the pull request using the external bug tracker. 3 validation(s) were run on this bug
Requesting review from QA contact: In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
/retest Please review the full test history for this PR and help us cut down flakes. |
3 similar comments
/retest Please review the full test history for this PR and help us cut down flakes. |
/retest Please review the full test history for this PR and help us cut down flakes. |
/retest Please review the full test history for this PR and help us cut down flakes. |
/retest |
/retest Please review the full test history for this PR and help us cut down flakes. |
@alebedev87: All pull requests linked via external trackers have merged: Bugzilla bug 1953113 has been moved to the MODIFIED state. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
This PR makes HAProxy's config template accept HSTS headers with case insensitive directives and white spaces as stated in RFC6797.
Apart from the unit test, tested manually: