ext_authz: Skip setting content-length when it is part of the allowed headers (#9718)

In ext_authz HTTP implementation, when user set content-length as one of
the allowed headers patterns as part of request authorization, we should
skip setting it since it is already configured at initialization and the
value depends on the request_size.

Signed-off-by: Dhi Aurrahman <dio@tetrate.io>

Mirrored from https://github.com/envoyproxy/envoy @ aaf67bba8c0fd245dbdd41b7c9eef6639ecbfa0d

envoy/config/filter/http/ext_authz/v2/ext_authz.proto

@@ -166,7 +166,11 @@ message AuthorizationRequest {
   // 1. *Host*, *Method*, *Path* and *Content-Length* are automatically included to the list.
   //
   // 2. *Content-Length* will be set to 0 and the request to the authorization service will not have
-  // a message body.
+  // a message body. However, the authorization request can include the buffered client request body
+  // (controlled by :ref:`with_request_body
+  // <envoy_api_field_config.filter.http.ext_authz.v2.ExtAuthz.with_request_body>` setting),
+  // consequently the value of *Content-Length* of the authorization request reflects the size of
+  // its payload size.
   //
   type.matcher.ListStringMatcher allowed_headers = 1;
 

envoy/extensions/filters/http/ext_authz/v3/ext_authz.proto

@@ -175,7 +175,11 @@ message AuthorizationRequest {
   // 1. *Host*, *Method*, *Path* and *Content-Length* are automatically included to the list.
   //
   // 2. *Content-Length* will be set to 0 and the request to the authorization service will not have
-  // a message body.
+  // a message body. However, the authorization request can include the buffered client request body
+  // (controlled by :ref:`with_request_body
+  // <envoy_api_field_extensions.filters.http.ext_authz.v3.ExtAuthz.with_request_body>` setting),
+  // consequently the value of *Content-Length* of the authorization request reflects the size of
+  // its payload size.
   //
   type.matcher.v3.ListStringMatcher allowed_headers = 1;