diff --git a/BUILD b/BUILD index 2caeb712..ff4e6094 100644 --- a/BUILD +++ b/BUILD @@ -90,6 +90,7 @@ proto_library( "//envoy/config/cluster/v3:pkg", "//envoy/config/common/key_value/v3:pkg", "//envoy/config/common/matcher/v3:pkg", + "//envoy/config/common/mutation_rules/v3:pkg", "//envoy/config/core/v3:pkg", "//envoy/config/endpoint/v3:pkg", "//envoy/config/filter/thrift/router/v2alpha1:pkg", diff --git a/envoy/config/common/mutation_rules/v3/mutation_rules.proto b/envoy/config/common/mutation_rules/v3/mutation_rules.proto index c42f4196..856c245f 100644 --- a/envoy/config/common/mutation_rules/v3/mutation_rules.proto +++ b/envoy/config/common/mutation_rules/v3/mutation_rules.proto @@ -14,6 +14,8 @@ option java_multiple_files = true; option go_package = "github.com/envoyproxy/go-control-plane/envoy/config/common/mutation_rules/v3;mutation_rulesv3"; option (udpa.annotations.file_status).package_version_status = ACTIVE; +// [#protodoc-title: Header Mutation Rules] + // The HeaderMutationRules structure specifies what headers may be // manipulated by a processing filter. This set of rules makes it // possible to control which modifications a filter may make. @@ -40,7 +42,6 @@ option (udpa.annotations.file_status).package_version_status = ACTIVE; // rejected. In the ext_proc filter, that counter is named // "rejected_header_mutations". // [#next-free-field: 8] -// [#not-implemented-hide:] message HeaderMutationRules { // By default, certain headers that could affect processing of subsequent // filters or request routing cannot be modified. These headers are diff --git a/envoy/extensions/filters/http/ext_proc/v3/BUILD b/envoy/extensions/filters/http/ext_proc/v3/BUILD index e9b556d6..aea366ea 100644 --- a/envoy/extensions/filters/http/ext_proc/v3/BUILD +++ b/envoy/extensions/filters/http/ext_proc/v3/BUILD @@ -6,6 +6,7 @@ licenses(["notice"]) # Apache 2 api_proto_package( deps = [ + "//envoy/config/common/mutation_rules/v3:pkg", "//envoy/config/core/v3:pkg", "@com_github_cncf_udpa//udpa/annotations:pkg", "@com_github_cncf_udpa//xds/annotations/v3:pkg", diff --git a/envoy/extensions/filters/http/ext_proc/v3/ext_proc.proto b/envoy/extensions/filters/http/ext_proc/v3/ext_proc.proto index ceba3d06..dd432c4b 100644 --- a/envoy/extensions/filters/http/ext_proc/v3/ext_proc.proto +++ b/envoy/extensions/filters/http/ext_proc/v3/ext_proc.proto @@ -2,6 +2,7 @@ syntax = "proto3"; package envoy.extensions.filters.http.ext_proc.v3; +import "envoy/config/common/mutation_rules/v3/mutation_rules.proto"; import "envoy/config/core/v3/grpc_service.proto"; import "envoy/extensions/filters/http/ext_proc/v3/processing_mode.proto"; @@ -31,7 +32,6 @@ option (xds.annotations.v3.file_status).work_in_progress = true; // * Request and response attributes are not sent and not processed. // * Dynamic metadata in responses from the external processor is ignored. // * "async mode" is not implemented -// * Per-route configuration is not implemented // The filter communicates with an external gRPC service called an "external processor" // that can do a variety of things with the request and response: @@ -95,7 +95,7 @@ option (xds.annotations.v3.file_status).work_in_progress = true; // messages, and the server must reply with // :ref:`ProcessingResponse `. -// [#next-free-field: 9] +// [#next-free-field: 10] message ExternalProcessor { // Configuration for the gRPC service that the filter will communicate with. // The filter supports both the "Envoy" and "Google" gRPC clients. @@ -151,6 +151,14 @@ message ExternalProcessor { // Optional additional prefix to use when emitting statistics. This allows to distinguish // emitted statistics between configured *ext_proc* filters in an HTTP filter chain. string stat_prefix = 8; + + // Rules that determine what modifications an external processing server may + // make to message headers. If not set, all headers may be modified except + // for "host", ":authority", ":scheme", ":method", and headers that start + // with the header prefix set via + // :ref:`header_prefix ` + // (which is usually "x-envoy"). + config.common.mutation_rules.v3.HeaderMutationRules mutation_rules = 9; } // Extra settings that may be added to per-route configuration for a