Add unsupported headers #1367

kevo1ution · 2021-06-04T19:11:34Z

Changes proposed in this PR

We can configure added unsupported headers which will short circuit and waiter will respond with an error

Why are we making these changes?

We can easily add different waiter headers that are not available for on-the-fly requests

…ders

…ance unit test

shamsimam · 2021-06-07T16:01:36Z

waiter/src/waiter/core.clj

                                        [:state server-name]
                                        websocket-secure-request-acceptor-fn]
                                 ; If adding new middleware for websocket upgrade requests, consider adding the same middleware to
                                 ; process-request-wrapper-fn
-                                 (let [handler (-> #(ws/request-subprotocol-acceptor (:upgrade-request %) (:upgrade-response %))
+                                 (let [temp-fn (fn [handler]


Needs to be removed.

shamsimam · 2021-06-07T16:16:17Z

waiter/src/waiter/core.clj

@@ -1547,6 +1548,7 @@
                                     auth/wrap-auth-bypass
                                     handler/wrap-https-redirect
                                     pr/wrap-maintenance-mode
+                                     (pr/wrap-unsupported-waiter-headers unsupported-headers)


How do you feel about moving this to descriptor/compute-descriptor (after the headers/split-headers invocation)? I think that function should be responsible for disallowing certain headers.

That's a good idea, I agree. I'm going to confirm it has the same behavior for websockets because the compute-descriptor function will have called by the :default-websocket-handler-fn instead of :websocket-request-acceptor

Okay the error needs to surface in the websocket-request-acceptor handler which doesn't call descriptor/compute-descriptor in its tree of function calls. I had to add a error handler and include this logic in the discover-service-parameters function

~~How does websocket request acceptor decide on the service ID?~~

Misunderstood your comment.

The descriptor/compute-descriptor eventually gets called by the default-websocket-handler, but not the websocket-request-acceptor which is where we want to fail the websocket connection upgrade request

waiter/integration/waiter/basic_test.clj

waiter/src/waiter/service_description.clj

waiter/test/waiter/auth/authenticator_test.clj

Co-authored-by: Shams <shamsimam@users.noreply.github.com>

kevo1ution added the internal-green label Jun 7, 2021

Kevin Tang added 10 commits June 7, 2021 10:31

add unsupported headers

54eb6a7

add unsupported headers list in config-full.edn

0b59098

test unsupported headers in websocket upgrade request

701f127

fixintegration test naming

1281b42

undo removal of previous test and add way to retrieve unsupported hea…

6341f11

…ders

undo https-redirect changes

353b024

rename test to include ws

ce1f88d

add test for on the fly request with unsupported headers

5df85c3

remove unecessary tests for x-waiter-maintenance in test-wrap-mainten…

d106ff2

…ance unit test

fix annotation on test to be integration test

37e5a95

shamsimam reviewed Jun 7, 2021

View reviewed changes

Kevin Tang added 2 commits June 7, 2021 11:20

remove unecessary temp function

ccf3194

move header error when computing descriptor

c974e80

kevo1ution force-pushed the disallow-certain-on-the-fly-headers branch from fd1afaa to c974e80 Compare June 8, 2021 15:05

Kevin Tang added 2 commits June 8, 2021 10:06

remove unecessary code

0c28899

remove unecessary changes to compute

91df91c

shamsimam reviewed Jun 8, 2021

View reviewed changes

waiter/integration/waiter/basic_test.clj Outdated Show resolved Hide resolved

waiter/src/waiter/service_description.clj Outdated Show resolved Hide resolved

waiter/src/waiter/service_description.clj Outdated Show resolved Hide resolved

Kevin Tang added 2 commits June 8, 2021 10:22

fix indentation

264e6ce

set log level info, sort, appropriately name error-details

ab27cae

shamsimam reviewed Jun 8, 2021

View reviewed changes

waiter/test/waiter/auth/authenticator_test.clj Outdated Show resolved Hide resolved

change unit test to use set

b93c801

Co-authored-by: Shams <shamsimam@users.noreply.github.com>

shamsimam approved these changes Jun 8, 2021

View reviewed changes

kevo1ution merged commit 8fc1fd7 into master Jun 8, 2021

kevo1ution deleted the disallow-certain-on-the-fly-headers branch June 8, 2021 16:19

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Add unsupported headers #1367

Add unsupported headers #1367

kevo1ution commented Jun 4, 2021

shamsimam Jun 7, 2021

shamsimam Jun 7, 2021

kevo1ution Jun 7, 2021

kevo1ution Jun 8, 2021

shamsimam Jun 8, 2021 •

edited

Loading

kevo1ution Jun 8, 2021

Add unsupported headers #1367

Add unsupported headers #1367

Conversation

kevo1ution commented Jun 4, 2021

Changes proposed in this PR

Why are we making these changes?

shamsimam Jun 7, 2021

Choose a reason for hiding this comment

shamsimam Jun 7, 2021

Choose a reason for hiding this comment

kevo1ution Jun 7, 2021

Choose a reason for hiding this comment

kevo1ution Jun 8, 2021

Choose a reason for hiding this comment

shamsimam Jun 8, 2021 • edited Loading

Choose a reason for hiding this comment

kevo1ution Jun 8, 2021

Choose a reason for hiding this comment

shamsimam Jun 8, 2021 •

edited

Loading