* mismatch content type should set on_error metadata in json_to_metadata filter
Signed-off-by: kuochunghsu <kuochunghsu@pinterest.com>
Mirrored from https://github.com/envoyproxy/envoy @ 6aea06a3e9ba5ee7f5537cf0f70a72bdbb35ab72
Signed-off-by: Adam Anderson <6754028+AdamEAnderson@users.noreply.github.com>
Mirrored from https://github.com/envoyproxy/envoy @ 9a575d82a4186c8cf37ff3d7f0a7002dce412d7d
CORS: Generate local response for preflights with not matching origin.
Signed-off-by: Christoph Pakulski <christoph@tetrate.io>
Mirrored from https://github.com/envoyproxy/envoy @ 5f58f9ac917e82fdfadb771b8de3bb466d9e53ee
There is a case when somebody is uploading a file with "content type: multipart/form-data; boundary=------------------------75b5d728d1539bb5"; since the header value will change every time, we can not write a config to allow it in previous proto. Then we need a regex match to allow it.
Risk Level: low
Testing: unit test
Signed-off-by: Cai Qi <cqi@pinterest.com>
Mirrored from https://github.com/envoyproxy/envoy @ 667e96312130ac2bcbb7c1c598f4d63746d6f0c4
* generic proxy: complete the development of HTTP1 codec
Signed-off-by: wbpcode <wbphub@live.com>
* minor update
Signed-off-by: wbpcode <wbphub@live.com>
* add TODOs
Signed-off-by: wbpcode <wbphub@live.com>
* more validation and single frame mode for HTTP
Signed-off-by: wbpcode <wbphub@live.com>
* more test and validation
Signed-off-by: wbpcode <wbphub@live.com>
* handle the 100 continue and the 1xx response
Signed-off-by: wbpcode <wbphub@live.com>
* minor update
Signed-off-by: wbpcode <wbphub@live.com>
* address comments
Signed-off-by: wbpcode <wbphub@live.com>
* address comments
Signed-off-by: wbpcode <wbphub@live.com>
---------
Signed-off-by: wbpcode <wbphub@live.com>
Mirrored from https://github.com/envoyproxy/envoy @ ffcc257e16c9046b2fec7497a6bf9293d8ada286
This is akin to shadow_rules_stat_prefix but for non-shadowing rules.
Since only shadow rules emit dynamic metadata, this prefix only applies
to metrics.
---------
Signed-off-by: Thomas van Noort <thomas.vannoort@datadoghq.com>
Mirrored from https://github.com/envoyproxy/envoy @ 7fec609a507371d7176c61aa4623f445543f294f
Remove `output_to_genfiles = True`.
This is a no-op, as Bazel already enables `--incompatible_merge_genfiles_directory` by default, which makes the distinction between genfiles and bin moot.
Signed-off-by: Tiago Quelhas <tjgq@google.com>
Mirrored from https://github.com/envoyproxy/envoy @ 213b757639b2b0c911250e73c6c57ea59cd30ead
Resolves#32119. This allows the option to always log successful health checks. On the first successful health check, only ``logAddHealthy`` is called. On consecutive successful health checks, ``logSuccessfulHealthCheck`` is called.
Risk Level: low (config guarded)
Testing: unit tests
Docs Changes: API docs
Release Notes: added
Platform Specific Features: none
Signed-off-by: ohadvano <ohadvano@gmail.com>
Mirrored from https://github.com/envoyproxy/envoy @ 975d4107061ea92a62e99490c9474ace17d9609a
Adds new max_lifetime config field to restrict token lifetime accepted from a JwtProvider.
Risk Level: Low
Testing: Unit testing
Docs Changes: Added subjects description inline in proto.
Release Notes: Attached
Optional [API Considerations](https://github.com/envoyproxy/envoy/blob/main/api/review_checklist.md): Feature is opt in, without specifying the config, there's no behavior change.
Fixes#31455
Signed-off-by: Matthew Jones <mattjo@squareup.com>
Mirrored from https://github.com/envoyproxy/envoy @ 63cf70129f06e53f0915e7cefc4ead637784a183
http3: Add support for HTTP/3 METADATA
Adds a new allow_metadata option to Http3ProtocolOptions.
Risk Level: Low, protected by new config option
Testing: New integration tests
Docs Changes: N/A
Release Notes: Updated
Signed-off-by: Ryan Hamilton <rch@google.com>
Mirrored from https://github.com/envoyproxy/envoy @ 640f016a2e99ab44e97dec71b60afec91404dadd
Adds new `subjects` config field to restrict subjects accepted from a `JwtProvider` partially implementing #31455
Risk Level: Low
Testing: Unit testing
Docs Changes: Added `subjects` description inline in proto.
Release Notes: Attached
Optional [API Considerations](https://github.com/envoyproxy/envoy/blob/main/api/review_checklist.md): Feature is opt in, without specifying the config, there's no behavior change.
Signed-off-by: Matthew Jones <mattjo@squareup.com>
Mirrored from https://github.com/envoyproxy/envoy @ 08231e383fc3fb1c3bb207774d8295995759552a
* add dr response flag
Signed-off-by: Boteng Yao <boteng@google.com>
* add tests
Signed-off-by: Boteng Yao <boteng@google.com>
* fix assertion
Signed-off-by: Boteng Yao <boteng@google.com>
* fix format
Signed-off-by: Boteng Yao <boteng@google.com>
* fix proto
Signed-off-by: Boteng Yao <boteng@google.com>
* fix test
Signed-off-by: Boteng Yao <boteng@google.com>
* fix test
Signed-off-by: Boteng Yao <boteng@google.com>
* add change logs
Signed-off-by: Boteng Yao <boteng@google.com>
---------
Signed-off-by: Boteng Yao <boteng@google.com>
Mirrored from https://github.com/envoyproxy/envoy @ 0cb0b01b7f44399085e511085e51e8222132982e
Added new parameter `ajax_request_matcher` to optionally not allow OAuth2 authorization redirect when all tokens are expired. Such redirect usually redirects the user to a login page (in authorization code flow) and this behavior is not desired in Ajax requests.
Signed-off-by: Samuel Valis <samuel.valis@innovatrics.com>
Mirrored from https://github.com/envoyproxy/envoy @ 8318716d9aedfc6277cd605a41b606a86f3feb52
* Change udpa renaming workaround to not compile the same archive twice
---------
Signed-off-by: Raven Black <ravenblack@dropbox.com>
Mirrored from https://github.com/envoyproxy/envoy @ 0d3bdfe471fa78d9b16bae67550e1424f596613e
* API for defining HTTP errors, locally originated errors and database errors.
Signed-off-by: Christoph Pakulski <paker8848@gmail.com>
* Adjusted next free field.
Signed-off-by: Christoph Pakulski <paker8848@gmail.com>
* Use Any for monitor extensions.
Moved proto for errors and consecutive errors monitor to envoy/extensions.
Signed-off-by: Christoph Pakulski <paker8848@gmail.com>
* Adjusted main api's BUILD file.
Signed-off-by: Christoph Pakulski <paker8848@gmail.com>
* Renamed common to error_types.
Signed-off-by: Christoph Pakulski <paker8848@gmail.com>
* Fixed docs.
Signed-off-by: Christoph Pakulski <paker8848@gmail.com>
* Used TypedExtensionConfig instead of user-define message.
Signed-off-by: Christoph Pakulski <paker8848@gmail.com>
* Redesign ErrorBucket to avoid using oneof.
Signed-off-by: Christoph Pakulski <paker8848@gmail.com>
* Renamed error buckets.
Signed-off-by: Christoph Pakulski <paker8848@gmail.com>
---------
Signed-off-by: Christoph Pakulski <paker8848@gmail.com>
Mirrored from https://github.com/envoyproxy/envoy @ 6e71eb87e5d1c5b1853763afce64738bce13b586