envoy_defaultv3

package
v0.13.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Aug 9, 2024 License: Apache-2.0 Imports: 18 Imported by: 11

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var (
	HeaderValidatorConfig_HeadersWithUnderscoresAction_name = map[int32]string{
		0: "ALLOW",
		1: "REJECT_REQUEST",
		2: "DROP_HEADER",
	}
	HeaderValidatorConfig_HeadersWithUnderscoresAction_value = map[string]int32{
		"ALLOW":          0,
		"REJECT_REQUEST": 1,
		"DROP_HEADER":    2,
	}
)

Enum value maps for HeaderValidatorConfig_HeadersWithUnderscoresAction.

View Source 
var (
	HeaderValidatorConfig_UriPathNormalizationOptions_PathWithEscapedSlashesAction_name = map[int32]string{
		0: "IMPLEMENTATION_SPECIFIC_DEFAULT",
		1: "KEEP_UNCHANGED",
		2: "REJECT_REQUEST",
		3: "UNESCAPE_AND_REDIRECT",
		4: "UNESCAPE_AND_FORWARD",
	}
	HeaderValidatorConfig_UriPathNormalizationOptions_PathWithEscapedSlashesAction_value = map[string]int32{
		"IMPLEMENTATION_SPECIFIC_DEFAULT": 0,
		"KEEP_UNCHANGED":                  1,
		"REJECT_REQUEST":                  2,
		"UNESCAPE_AND_REDIRECT":           3,
		"UNESCAPE_AND_FORWARD":            4,
	}
)

Enum value maps for HeaderValidatorConfig_UriPathNormalizationOptions_PathWithEscapedSlashesAction.

View Source 
var File_envoy_extensions_http_header_validators_envoy_default_v3_header_validator_proto protoreflect.FileDescriptor

Functions

This section is empty.

Types

type HeaderValidatorConfig 

type HeaderValidatorConfig struct {
	Http1ProtocolOptions *HeaderValidatorConfig_Http1ProtocolOptions `protobuf:"bytes,1,opt,name=http1_protocol_options,json=http1ProtocolOptions,proto3" json:"http1_protocol_options,omitempty"`
	// The URI path normalization options.
	// By default Envoy normalizes URI path using the default values of the :ref:`UriPathNormalizationOptions
	// <envoy_v3_api_msg_extensions.http.header_validators.envoy_default.v3.HeaderValidatorConfig.UriPathNormalizationOptions>`.
	// URI path transformations specified by the “uri_path_normalization_options“ configuration can be applied to a portion
	// of requests by setting the “envoy_default_header_validator.uri_path_transformations“ runtime value.
	// Caution: disabling path normalization may lead to path confusion vulnerabilities in access control or incorrect service
	// selection.
	UriPathNormalizationOptions *HeaderValidatorConfig_UriPathNormalizationOptions `` /* 146-byte string literal not displayed */
	// Restrict HTTP methods to these defined in the `RFC 7231 section 4.1 <https://datatracker.ietf.org/doc/html/rfc7231#section-4.1>`_
	// Envoy will respond with 400 to requests with disallowed methods.
	// By default methods with arbitrary names are accepted.
	RestrictHttpMethods bool `protobuf:"varint,3,opt,name=restrict_http_methods,json=restrictHttpMethods,proto3" json:"restrict_http_methods,omitempty"`
	// Action to take when a client request with a header name containing underscore characters is received.
	// If this setting is not specified, the value defaults to ALLOW.
	HeadersWithUnderscoresAction HeaderValidatorConfig_HeadersWithUnderscoresAction `` /* 263-byte string literal not displayed */
	// Allow requests with fragment in URL path and strip the fragment before request processing.
	// By default Envoy rejects requests with fragment in URL path.
	StripFragmentFromPath bool `` /* 129-byte string literal not displayed */
	// contains filtered or unexported fields
}

This extension validates that HTTP request and response headers are well formed according to respective RFCs.

#. HTTP/1 header map validity according to `RFC 7230 section 3.2 <https://datatracker.ietf.org/doc/html/rfc7230#section-3.2>`_ #. Syntax of HTTP/1 request target URI and response status #. HTTP/2 header map validity according to `RFC 7540 section 8.1.2 <https://datatracker.ietf.org/doc/html/rfc7540#section-8.1.2>`_ #. Syntax of HTTP/2 pseudo headers #. HTTP/3 header map validity according to `RFC 9114 section 4.3 <https://www.rfc-editor.org/rfc/rfc9114.html>`_ #. Syntax of HTTP/3 pseudo headers #. Syntax of Content-Length and Transfer-Encoding #. Validation of HTTP/1 requests with both “Content-Length“ and “Transfer-Encoding“ headers #. Normalization of the URI path according to `Normalization and Comparison <https://datatracker.ietf.org/doc/html/rfc3986#section-6>`_ 

without `case normalization <https://datatracker.ietf.org/doc/html/rfc3986#section-6.2.2.1>`_

[#comment:TODO(yanavlasov): Put #extension: envoy.http.header_validators.envoy_default after it is not hidden any more] [#next-free-field: 6]

func (*HeaderValidatorConfig) Descriptor deprecated 

func (*HeaderValidatorConfig) Descriptor() ([]byte, []int)

Deprecated: Use HeaderValidatorConfig.ProtoReflect.Descriptor instead.

func (*HeaderValidatorConfig) GetHeadersWithUnderscoresAction added in v0.11.0 

func (x *HeaderValidatorConfig) GetHeadersWithUnderscoresAction() HeaderValidatorConfig_HeadersWithUnderscoresAction

func (*HeaderValidatorConfig) GetHttp1ProtocolOptions 

func (x *HeaderValidatorConfig) GetHttp1ProtocolOptions() *HeaderValidatorConfig_Http1ProtocolOptions

func (*HeaderValidatorConfig) GetRestrictHttpMethods 

func (x *HeaderValidatorConfig) GetRestrictHttpMethods() bool

func (*HeaderValidatorConfig) GetStripFragmentFromPath added in v0.12.0 

func (x *HeaderValidatorConfig) GetStripFragmentFromPath() bool

func (*HeaderValidatorConfig) GetUriPathNormalizationOptions 

func (x *HeaderValidatorConfig) GetUriPathNormalizationOptions() *HeaderValidatorConfig_UriPathNormalizationOptions

func (*HeaderValidatorConfig) ProtoMessage 

func (*HeaderValidatorConfig) ProtoMessage()

func (*HeaderValidatorConfig) ProtoReflect 

func (x *HeaderValidatorConfig) ProtoReflect() protoreflect.Message

func (*HeaderValidatorConfig) Reset 

func (x *HeaderValidatorConfig) Reset()

func (*HeaderValidatorConfig) String 

func (x *HeaderValidatorConfig) String() string

func (*HeaderValidatorConfig) Validate 

func (m *HeaderValidatorConfig) Validate() error

Validate checks the field values on HeaderValidatorConfig with the rules defined in the proto definition for this message. If any rules are violated, the first error encountered is returned, or nil if there are no violations.

func (*HeaderValidatorConfig) ValidateAll 

func (m *HeaderValidatorConfig) ValidateAll() error

ValidateAll checks the field values on HeaderValidatorConfig with the rules defined in the proto definition for this message. If any rules are violated, the result is a list of violation errors wrapped in HeaderValidatorConfigMultiError, or nil if none found.

type HeaderValidatorConfigMultiError 

type HeaderValidatorConfigMultiError []error

HeaderValidatorConfigMultiError is an error wrapping multiple validation errors returned by HeaderValidatorConfig.ValidateAll() if the designated constraints aren't met.

func (HeaderValidatorConfigMultiError) AllErrors 

func (m HeaderValidatorConfigMultiError) AllErrors() []error

AllErrors returns a list of validation violation errors.

func (HeaderValidatorConfigMultiError) Error 

func (m HeaderValidatorConfigMultiError) Error() string

Error returns a concatenation of all the error messages it wraps.

type HeaderValidatorConfigValidationError 

type HeaderValidatorConfigValidationError struct {
	// contains filtered or unexported fields
}

HeaderValidatorConfigValidationError is the validation error returned by HeaderValidatorConfig.Validate if the designated constraints aren't met.

func (HeaderValidatorConfigValidationError) Cause 

func (e HeaderValidatorConfigValidationError) Cause() error

Cause function returns cause value.

func (HeaderValidatorConfigValidationError) Error 

func (e HeaderValidatorConfigValidationError) Error() string

Error satisfies the builtin error interface

func (HeaderValidatorConfigValidationError) ErrorName 

func (e HeaderValidatorConfigValidationError) ErrorName() string

ErrorName returns error name.

func (HeaderValidatorConfigValidationError) Field 

func (e HeaderValidatorConfigValidationError) Field() string

Field function returns field value.

func (HeaderValidatorConfigValidationError) Key 

func (e HeaderValidatorConfigValidationError) Key() bool

Key function returns key value.

func (HeaderValidatorConfigValidationError) Reason 

func (e HeaderValidatorConfigValidationError) Reason() string

Reason function returns reason value.

type HeaderValidatorConfig_HeadersWithUnderscoresAction added in v0.11.0 

type HeaderValidatorConfig_HeadersWithUnderscoresAction int32

Action to take when Envoy receives client request with header names containing underscore characters. Underscore character is allowed in header names by the RFC-7230 and this behavior is implemented as a security measure due to systems that treat '_' and '-' as interchangeable. Envoy by default allows client request headers with underscore characters. 

const (
	// Allow headers with underscores. This is the default behavior.
	HeaderValidatorConfig_ALLOW HeaderValidatorConfig_HeadersWithUnderscoresAction = 0
	// Reject client request. HTTP/1 requests are rejected with the 400 status. HTTP/2 requests
	// end with the stream reset. The
	// :ref:`httpN.requests_rejected_with_underscores_in_headers <config_http_conn_man_stats_per_codec>` counter
	// is incremented for each rejected request.
	HeaderValidatorConfig_REJECT_REQUEST HeaderValidatorConfig_HeadersWithUnderscoresAction = 1
	// Drop the client header with name containing underscores. The header is dropped before the filter chain is
	// invoked and as such filters will not see dropped headers. The
	// :ref:`httpN.dropped_headers_with_underscores <config_http_conn_man_stats_per_codec>` is incremented for
	// each dropped header.
	HeaderValidatorConfig_DROP_HEADER HeaderValidatorConfig_HeadersWithUnderscoresAction = 2
)

func (HeaderValidatorConfig_HeadersWithUnderscoresAction) Descriptor added in v0.11.0 

func (HeaderValidatorConfig_HeadersWithUnderscoresAction) Descriptor() protoreflect.EnumDescriptor

func (HeaderValidatorConfig_HeadersWithUnderscoresAction) Enum added in v0.11.0 

func (x HeaderValidatorConfig_HeadersWithUnderscoresAction) Enum() *HeaderValidatorConfig_HeadersWithUnderscoresAction

func (HeaderValidatorConfig_HeadersWithUnderscoresAction) EnumDescriptor deprecated added in v0.11.0 

func (HeaderValidatorConfig_HeadersWithUnderscoresAction) EnumDescriptor() ([]byte, []int)

Deprecated: Use HeaderValidatorConfig_HeadersWithUnderscoresAction.Descriptor instead.

func (HeaderValidatorConfig_HeadersWithUnderscoresAction) Number added in v0.11.0 

func (x HeaderValidatorConfig_HeadersWithUnderscoresAction) Number() protoreflect.EnumNumber

func (HeaderValidatorConfig_HeadersWithUnderscoresAction) String added in v0.11.0 

func (x HeaderValidatorConfig_HeadersWithUnderscoresAction) String() string

func (HeaderValidatorConfig_HeadersWithUnderscoresAction) Type added in v0.11.0 

func (HeaderValidatorConfig_HeadersWithUnderscoresAction) Type() protoreflect.EnumType

type HeaderValidatorConfig_Http1ProtocolOptions 

type HeaderValidatorConfig_Http1ProtocolOptions struct {

	// Allows Envoy to process HTTP/1 requests/responses with both “Content-Length“ and “Transfer-Encoding“
	// headers set. By default such messages are rejected, but if option is enabled - Envoy will
	// remove the “Content-Length“ header and process the message.
	// See `RFC7230, sec. 3.3.3 <https://datatracker.ietf.org/doc/html/rfc7230#section-3.3.3>`_ for details.
	//
	// .. attention::
	//
	//	Enabling this option might lead to request smuggling vulnerabilities, especially if traffic
	//	is proxied via multiple layers of proxies.
	AllowChunkedLength bool `protobuf:"varint,1,opt,name=allow_chunked_length,json=allowChunkedLength,proto3" json:"allow_chunked_length,omitempty"`
	// contains filtered or unexported fields
}

func (*HeaderValidatorConfig_Http1ProtocolOptions) Descriptor deprecated 

func (*HeaderValidatorConfig_Http1ProtocolOptions) Descriptor() ([]byte, []int)

Deprecated: Use HeaderValidatorConfig_Http1ProtocolOptions.ProtoReflect.Descriptor instead.

func (*HeaderValidatorConfig_Http1ProtocolOptions) GetAllowChunkedLength 

func (x *HeaderValidatorConfig_Http1ProtocolOptions) GetAllowChunkedLength() bool

func (*HeaderValidatorConfig_Http1ProtocolOptions) ProtoMessage 

func (*HeaderValidatorConfig_Http1ProtocolOptions) ProtoMessage()

func (*HeaderValidatorConfig_Http1ProtocolOptions) ProtoReflect 

func (x *HeaderValidatorConfig_Http1ProtocolOptions) ProtoReflect() protoreflect.Message

func (*HeaderValidatorConfig_Http1ProtocolOptions) Reset 

func (x *HeaderValidatorConfig_Http1ProtocolOptions) Reset()

func (*HeaderValidatorConfig_Http1ProtocolOptions) String 

func (x *HeaderValidatorConfig_Http1ProtocolOptions) String() string

func (*HeaderValidatorConfig_Http1ProtocolOptions) Validate 

func (m *HeaderValidatorConfig_Http1ProtocolOptions) Validate() error

Validate checks the field values on HeaderValidatorConfig_Http1ProtocolOptions with the rules defined in the proto definition for this message. If any rules are violated, the first error encountered is returned, or nil if there are no violations.

func (*HeaderValidatorConfig_Http1ProtocolOptions) ValidateAll 

func (m *HeaderValidatorConfig_Http1ProtocolOptions) ValidateAll() error

ValidateAll checks the field values on HeaderValidatorConfig_Http1ProtocolOptions with the rules defined in the proto definition for this message. If any rules are violated, the result is a list of violation errors wrapped in HeaderValidatorConfig_Http1ProtocolOptionsMultiError, or nil if none found.

type HeaderValidatorConfig_Http1ProtocolOptionsMultiError 

type HeaderValidatorConfig_Http1ProtocolOptionsMultiError []error

HeaderValidatorConfig_Http1ProtocolOptionsMultiError is an error wrapping multiple validation errors returned by HeaderValidatorConfig_Http1ProtocolOptions.ValidateAll() if the designated constraints aren't met.

func (HeaderValidatorConfig_Http1ProtocolOptionsMultiError) AllErrors 

func (m HeaderValidatorConfig_Http1ProtocolOptionsMultiError) AllErrors() []error

AllErrors returns a list of validation violation errors.

func (HeaderValidatorConfig_Http1ProtocolOptionsMultiError) Error 

func (m HeaderValidatorConfig_Http1ProtocolOptionsMultiError) Error() string

Error returns a concatenation of all the error messages it wraps.

type HeaderValidatorConfig_Http1ProtocolOptionsValidationError 

type HeaderValidatorConfig_Http1ProtocolOptionsValidationError struct {
	// contains filtered or unexported fields
}

HeaderValidatorConfig_Http1ProtocolOptionsValidationError is the validation error returned by HeaderValidatorConfig_Http1ProtocolOptions.Validate if the designated constraints aren't met.

func (HeaderValidatorConfig_Http1ProtocolOptionsValidationError) Cause 

func (e HeaderValidatorConfig_Http1ProtocolOptionsValidationError) Cause() error

Cause function returns cause value.

func (HeaderValidatorConfig_Http1ProtocolOptionsValidationError) Error 

func (e HeaderValidatorConfig_Http1ProtocolOptionsValidationError) Error() string

Error satisfies the builtin error interface

func (HeaderValidatorConfig_Http1ProtocolOptionsValidationError) ErrorName 

func (e HeaderValidatorConfig_Http1ProtocolOptionsValidationError) ErrorName() string

ErrorName returns error name.

func (HeaderValidatorConfig_Http1ProtocolOptionsValidationError) Field 

func (e HeaderValidatorConfig_Http1ProtocolOptionsValidationError) Field() string

Field function returns field value.

func (HeaderValidatorConfig_Http1ProtocolOptionsValidationError) Key 

func (e HeaderValidatorConfig_Http1ProtocolOptionsValidationError) Key() bool

Key function returns key value.

func (HeaderValidatorConfig_Http1ProtocolOptionsValidationError) Reason 

func (e HeaderValidatorConfig_Http1ProtocolOptionsValidationError) Reason() string

Reason function returns reason value.

type HeaderValidatorConfig_UriPathNormalizationOptions 

type HeaderValidatorConfig_UriPathNormalizationOptions struct {

	// Should paths be normalized according to RFC 3986?
	// This operation overwrites the original request URI path and the new path is used for processing of
	// the request by HTTP filters and proxied to the upstream service.
	// Envoy will respond with 400 to requests with malformed paths that fail path normalization.
	// The default behavior is to normalize the path.
	// This value may be overridden by the runtime variable
	// :ref:`http_connection_manager.normalize_path<config_http_conn_man_runtime_normalize_path>`.
	// See `Normalization and Comparison <https://datatracker.ietf.org/doc/html/rfc3986#section-6>`_
	// for details of normalization.
	// Note that Envoy does not perform
	// `case normalization <https://datatracker.ietf.org/doc/html/rfc3986#section-6.2.2.1>`_
	// URI path normalization can be applied to a portion of requests by setting the
	// “envoy_default_header_validator.path_normalization“ runtime value.
	SkipPathNormalization bool `` /* 127-byte string literal not displayed */
	// Determines if adjacent slashes in the path are merged into one.
	// This operation overwrites the original request URI path and the new path is used for processing of
	// the request by HTTP filters and proxied to the upstream service.
	// Setting this option to true will cause incoming requests with path “//dir///file“ to not match against
	// route with “prefix“ match set to “/dir“. Defaults to “false“. Note that slash merging is not part of
	// `HTTP spec <https://datatracker.ietf.org/doc/html/rfc3986>`_ and is provided for convenience.
	// Merging of slashes in URI path can be applied to a portion of requests by setting the
	// “envoy_default_header_validator.merge_slashes“ runtime value.
	SkipMergingSlashes bool `protobuf:"varint,2,opt,name=skip_merging_slashes,json=skipMergingSlashes,proto3" json:"skip_merging_slashes,omitempty"`
	// The action to take when request URL path contains escaped slash sequences (“%2F“, “%2f“, “%5C“ and “%5c“).
	// This operation may overwrite the original request URI path and the new path is used for processing of
	// the request by HTTP filters and proxied to the upstream service.
	PathWithEscapedSlashesAction HeaderValidatorConfig_UriPathNormalizationOptions_PathWithEscapedSlashesAction `` /* 293-byte string literal not displayed */
	// contains filtered or unexported fields
}

func (*HeaderValidatorConfig_UriPathNormalizationOptions) Descriptor deprecated 

func (*HeaderValidatorConfig_UriPathNormalizationOptions) Descriptor() ([]byte, []int)

Deprecated: Use HeaderValidatorConfig_UriPathNormalizationOptions.ProtoReflect.Descriptor instead.

func (*HeaderValidatorConfig_UriPathNormalizationOptions) GetPathWithEscapedSlashesAction 

func (x *HeaderValidatorConfig_UriPathNormalizationOptions) GetPathWithEscapedSlashesAction() HeaderValidatorConfig_UriPathNormalizationOptions_PathWithEscapedSlashesAction

func (*HeaderValidatorConfig_UriPathNormalizationOptions) GetSkipMergingSlashes 

func (x *HeaderValidatorConfig_UriPathNormalizationOptions) GetSkipMergingSlashes() bool

func (*HeaderValidatorConfig_UriPathNormalizationOptions) GetSkipPathNormalization 

func (x *HeaderValidatorConfig_UriPathNormalizationOptions) GetSkipPathNormalization() bool

func (*HeaderValidatorConfig_UriPathNormalizationOptions) ProtoMessage 

func (*HeaderValidatorConfig_UriPathNormalizationOptions) ProtoMessage()

func (*HeaderValidatorConfig_UriPathNormalizationOptions) ProtoReflect 

func (x *HeaderValidatorConfig_UriPathNormalizationOptions) ProtoReflect() protoreflect.Message

func (*HeaderValidatorConfig_UriPathNormalizationOptions) Reset 

func (x *HeaderValidatorConfig_UriPathNormalizationOptions) Reset()

func (*HeaderValidatorConfig_UriPathNormalizationOptions) String 

func (x *HeaderValidatorConfig_UriPathNormalizationOptions) String() string

func (*HeaderValidatorConfig_UriPathNormalizationOptions) Validate 

func (m *HeaderValidatorConfig_UriPathNormalizationOptions) Validate() error

Validate checks the field values on HeaderValidatorConfig_UriPathNormalizationOptions with the rules defined in the proto definition for this message. If any rules are violated, the first error encountered is returned, or nil if there are no violations.

func (*HeaderValidatorConfig_UriPathNormalizationOptions) ValidateAll 

func (m *HeaderValidatorConfig_UriPathNormalizationOptions) ValidateAll() error

ValidateAll checks the field values on HeaderValidatorConfig_UriPathNormalizationOptions with the rules defined in the proto definition for this message. If any rules are violated, the result is a list of violation errors wrapped in HeaderValidatorConfig_UriPathNormalizationOptionsMultiError, or nil if none found.

type HeaderValidatorConfig_UriPathNormalizationOptionsMultiError 

type HeaderValidatorConfig_UriPathNormalizationOptionsMultiError []error

HeaderValidatorConfig_UriPathNormalizationOptionsMultiError is an error wrapping multiple validation errors returned by HeaderValidatorConfig_UriPathNormalizationOptions.ValidateAll() if the designated constraints aren't met.

func (HeaderValidatorConfig_UriPathNormalizationOptionsMultiError) AllErrors 

func (m HeaderValidatorConfig_UriPathNormalizationOptionsMultiError) AllErrors() []error

AllErrors returns a list of validation violation errors.

func (HeaderValidatorConfig_UriPathNormalizationOptionsMultiError) Error 

func (m HeaderValidatorConfig_UriPathNormalizationOptionsMultiError) Error() string

Error returns a concatenation of all the error messages it wraps.

type HeaderValidatorConfig_UriPathNormalizationOptionsValidationError 

type HeaderValidatorConfig_UriPathNormalizationOptionsValidationError struct {
	// contains filtered or unexported fields
}

HeaderValidatorConfig_UriPathNormalizationOptionsValidationError is the validation error returned by HeaderValidatorConfig_UriPathNormalizationOptions.Validate if the designated constraints aren't met.

func (HeaderValidatorConfig_UriPathNormalizationOptionsValidationError) Cause 

func (e HeaderValidatorConfig_UriPathNormalizationOptionsValidationError) Cause() error

Cause function returns cause value.

func (HeaderValidatorConfig_UriPathNormalizationOptionsValidationError) Error 

func (e HeaderValidatorConfig_UriPathNormalizationOptionsValidationError) Error() string

Error satisfies the builtin error interface

func (HeaderValidatorConfig_UriPathNormalizationOptionsValidationError) ErrorName 

func (e HeaderValidatorConfig_UriPathNormalizationOptionsValidationError) ErrorName() string

ErrorName returns error name.

func (HeaderValidatorConfig_UriPathNormalizationOptionsValidationError) Field 

func (e HeaderValidatorConfig_UriPathNormalizationOptionsValidationError) Field() string

Field function returns field value.

func (HeaderValidatorConfig_UriPathNormalizationOptionsValidationError) Key 

func (e HeaderValidatorConfig_UriPathNormalizationOptionsValidationError) Key() bool

Key function returns key value.

func (HeaderValidatorConfig_UriPathNormalizationOptionsValidationError) Reason 

func (e HeaderValidatorConfig_UriPathNormalizationOptionsValidationError) Reason() string

Reason function returns reason value.

type HeaderValidatorConfig_UriPathNormalizationOptions_PathWithEscapedSlashesAction 

type HeaderValidatorConfig_UriPathNormalizationOptions_PathWithEscapedSlashesAction int32

Determines the action for requests that contain “%2F“, “%2f“, “%5C“ or “%5c“ sequences in the URI path. This operation occurs before URL normalization and the merge slashes transformations if they were enabled. 

const (
	// Default behavior specific to implementation (i.e. Envoy) of this configuration option.
	// Envoy, by default, takes the “KEEP_UNCHANGED“ action.
	// NOTE: the implementation may change the default behavior at-will.
	HeaderValidatorConfig_UriPathNormalizationOptions_IMPLEMENTATION_SPECIFIC_DEFAULT HeaderValidatorConfig_UriPathNormalizationOptions_PathWithEscapedSlashesAction = 0
	// Keep escaped slashes.
	HeaderValidatorConfig_UriPathNormalizationOptions_KEEP_UNCHANGED HeaderValidatorConfig_UriPathNormalizationOptions_PathWithEscapedSlashesAction = 1
	// Reject client request with the 400 status. gRPC requests will be rejected with the “INTERNAL“ (13) error code.
	// The “http#.downstream_rq_failed_path_normalization“ counter is incremented for each rejected request.
	HeaderValidatorConfig_UriPathNormalizationOptions_REJECT_REQUEST HeaderValidatorConfig_UriPathNormalizationOptions_PathWithEscapedSlashesAction = 2
	// Unescape “%2F“ and “%5C“ sequences and redirect the request to the new path if these sequences were present.
	// The redirect occurs after path normalization and merge slashes transformations if they were configured.
	// NOTE: gRPC requests will be rejected with the “INTERNAL“ (13) error code.
	// This option minimizes possibility of path confusion exploits by forcing request with unescaped slashes to
	// traverse all parties: downstream client, intermediate proxies, Envoy and upstream server.
	// The “http#.downstream_rq_redirected_with_normalized_path“ counter is incremented for each
	// redirected request.
	HeaderValidatorConfig_UriPathNormalizationOptions_UNESCAPE_AND_REDIRECT HeaderValidatorConfig_UriPathNormalizationOptions_PathWithEscapedSlashesAction = 3
	// Unescape “%2F“ and “%5C“ sequences.
	// Note: this option should not be enabled if intermediaries perform path based access control as
	// it may lead to path confusion vulnerabilities.
	HeaderValidatorConfig_UriPathNormalizationOptions_UNESCAPE_AND_FORWARD HeaderValidatorConfig_UriPathNormalizationOptions_PathWithEscapedSlashesAction = 4
)

func (HeaderValidatorConfig_UriPathNormalizationOptions_PathWithEscapedSlashesAction) Descriptor 

func (HeaderValidatorConfig_UriPathNormalizationOptions_PathWithEscapedSlashesAction) Descriptor() protoreflect.EnumDescriptor

func (HeaderValidatorConfig_UriPathNormalizationOptions_PathWithEscapedSlashesAction) Enum 

func (x HeaderValidatorConfig_UriPathNormalizationOptions_PathWithEscapedSlashesAction) Enum() *HeaderValidatorConfig_UriPathNormalizationOptions_PathWithEscapedSlashesAction

func (HeaderValidatorConfig_UriPathNormalizationOptions_PathWithEscapedSlashesAction) EnumDescriptor deprecated 

func (HeaderValidatorConfig_UriPathNormalizationOptions_PathWithEscapedSlashesAction) EnumDescriptor() ([]byte, []int)

Deprecated: Use HeaderValidatorConfig_UriPathNormalizationOptions_PathWithEscapedSlashesAction.Descriptor instead.

func (HeaderValidatorConfig_UriPathNormalizationOptions_PathWithEscapedSlashesAction) Number 

func (x HeaderValidatorConfig_UriPathNormalizationOptions_PathWithEscapedSlashesAction) Number() protoreflect.EnumNumber

func (HeaderValidatorConfig_UriPathNormalizationOptions_PathWithEscapedSlashesAction) String 

func (x HeaderValidatorConfig_UriPathNormalizationOptions_PathWithEscapedSlashesAction) String() string

func (HeaderValidatorConfig_UriPathNormalizationOptions_PathWithEscapedSlashesAction) Type 

func (HeaderValidatorConfig_UriPathNormalizationOptions_PathWithEscapedSlashesAction) Type() protoreflect.EnumType

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.