Package io.envoyproxy.envoy.extensions.http.header_validators.envoy_default.v3

Interface HeaderValidatorConfig.UriPathNormalizationOptionsOrBuilder

All Superinterfaces:
com.google.protobuf.MessageLiteOrBuilder, com.google.protobuf.MessageOrBuilder
All Known Implementing Classes:
HeaderValidatorConfig.UriPathNormalizationOptions, HeaderValidatorConfig.UriPathNormalizationOptions.Builder
Enclosing class:
HeaderValidatorConfig
public static interface HeaderValidatorConfig.UriPathNormalizationOptionsOrBuilder extends com.google.protobuf.MessageOrBuilder

  • Method Summary

    Modifier and Type
    Method
    Description
    HeaderValidatorConfig.UriPathNormalizationOptions.PathWithEscapedSlashesAction
    getPathWithEscapedSlashesAction()
    The action to take when request URL path contains escaped slash sequences (``%2F``, ``%2f``, ``%5C`` and ``%5c``).
    int
    getPathWithEscapedSlashesActionValue()
    The action to take when request URL path contains escaped slash sequences (``%2F``, ``%2f``, ``%5C`` and ``%5c``).
    boolean
    getSkipMergingSlashes()
    Determines if adjacent slashes in the path are merged into one.
    boolean
    getSkipPathNormalization()
    Should paths be normalized according to RFC 3986?

    Methods inherited from interface com.google.protobuf.MessageLiteOrBuilder

    isInitialized

    Methods inherited from interface com.google.protobuf.MessageOrBuilder

    findInitializationErrors, getAllFields, getDefaultInstanceForType, getDescriptorForType, getField, getInitializationErrorString, getOneofFieldDescriptor, getRepeatedField, getRepeatedFieldCount, getUnknownFields, hasField, hasOneof

  • Method Details

    • getSkipPathNormalization

      boolean getSkipPathNormalization()
       Should paths be normalized according to RFC 3986?

 This operation overwrites the original request URI path and the new path is used for processing of
 the request by HTTP filters and proxied to the upstream service.
 Envoy will respond with 400 to requests with malformed paths that fail path normalization.
 The default behavior is to normalize the path.

 This value may be overridden by the runtime variable
 :ref:`http_connection_manager.normalize_path<config_http_conn_man_runtime_normalize_path>`.
 See `Normalization and Comparison <https://datatracker.ietf.org/doc/html/rfc3986#section-6>`_
 for details of normalization.

 .. note::

   Envoy does not perform
   `case normalization <https://datatracker.ietf.org/doc/html/rfc3986#section-6.2.2.1>`_.
   URI path normalization can be applied to a portion of requests by setting the
   ``envoy_default_header_validator.path_normalization`` runtime value.
      bool skip_path_normalization = 1;
      Returns:
      The skipPathNormalization.

    • getSkipMergingSlashes

      boolean getSkipMergingSlashes()
       Determines if adjacent slashes in the path are merged into one.

 This operation overwrites the original request URI path and the new path is used for processing of
 the request by HTTP filters and proxied to the upstream service.
 Setting this option to ``true`` will cause incoming requests with path ``//dir///file`` to not match against
 route with ``prefix`` match set to ``/dir``. Defaults to ``false``.

 .. note::

   Slash merging is not part of the
   `HTTP spec <https://datatracker.ietf.org/doc/html/rfc3986>`_ and is provided for convenience.
   Merging of slashes in URI path can be applied to a portion of requests by setting the
   ``envoy_default_header_validator.merge_slashes`` runtime value.
      bool skip_merging_slashes = 2;
      Returns:
      The skipMergingSlashes.

    • getPathWithEscapedSlashesActionValue

      int getPathWithEscapedSlashesActionValue()
       The action to take when request URL path contains escaped slash sequences (``%2F``, ``%2f``, ``%5C`` and ``%5c``).

 This operation may overwrite the original request URI path and the new path is used for processing of
 the request by HTTP filters and proxied to the upstream service.

 The handling of escaped slashes is important for security as these sequences can be used
 in path confusion attacks to bypass access controls.
      .envoy.extensions.http.header_validators.envoy_default.v3.HeaderValidatorConfig.UriPathNormalizationOptions.PathWithEscapedSlashesAction path_with_escaped_slashes_action = 3 [(.validate.rules) = { ... }
      Returns:
      The enum numeric value on the wire for pathWithEscapedSlashesAction.

    • getPathWithEscapedSlashesAction

      HeaderValidatorConfig.UriPathNormalizationOptions.PathWithEscapedSlashesAction getPathWithEscapedSlashesAction()
       The action to take when request URL path contains escaped slash sequences (``%2F``, ``%2f``, ``%5C`` and ``%5c``).

 This operation may overwrite the original request URI path and the new path is used for processing of
 the request by HTTP filters and proxied to the upstream service.

 The handling of escaped slashes is important for security as these sequences can be used
 in path confusion attacks to bypass access controls.
      .envoy.extensions.http.header_validators.envoy_default.v3.HeaderValidatorConfig.UriPathNormalizationOptions.PathWithEscapedSlashesAction path_with_escaped_slashes_action = 3 [(.validate.rules) = { ... }
      Returns:
      The pathWithEscapedSlashesAction.