router: disallow :path/host rewriting in request_headers_to_add. (#4220)

We have dedicated alternative mechanisms for this in RouteAction, it can
confuse other actions (e.g. prefix_rewrite).

Fixes oss-fuzz issue https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9995.

Risk level: Low
Testing: Unit tests and corpus entry added.

Signed-off-by: Harvey Tuch <htuch@google.com>

Mirrored from https://github.com/envoyproxy/envoy @ b9dc5d9a04411fe72ff516cbaef527dd8c016ae9
pull/620/head
data-plane-api(CircleCI) 6 years ago
parent 90a447488a
commit 3e7a9570ef
  1. 2
      envoy/api/v2/core/base.proto

@ -146,7 +146,7 @@ message HeaderValue {
// Header name/value pair plus option to control append behavior. // Header name/value pair plus option to control append behavior.
message HeaderValueOption { message HeaderValueOption {
// Header name/value pair that this option applies to. // Header name/value pair that this option applies to.
HeaderValue header = 1; HeaderValue header = 1 [(validate.rules).message.required = true];
// Should the value be appended? If true (default), the value is appended to // Should the value be appended? If true (default), the value is appended to
// existing values. // existing values.

Loading…
Cancel
Save