envoyproxy/envoy

Allow filtering of headers sent in CheckRequest to gRPC ext authz

Open

#21.535 geöffnet am 1. Juni 2022

Auf GitHub ansehen
 (2 Kommentare) (0 Reaktionen) (0 zugewiesene Personen)C++ (5.373 Forks)batch import
area/ext_authzarea/grpcenhancementhelp wanted

Repository-Metriken

Stars
 (27.997 Stars)
PR-Merge-Metriken
 (Durchschn. Merge 8T) (378 gemergte PRs in 30 T)

Beschreibung

Title: Allow filtering of headers sent in CheckRequest to gRPC ext authz

Description:

The HTTP ext authz allows for the filtering of headers from the request sent to the ext authz service (allowed_headers: https://www.envoyproxy.io/docs/envoy/latest/api-v3/extensions/filters/http/ext_authz/v3/ext_authz.proto#extensions-filters-http-ext-authz-v3-authorizationrequest), but the gRPC version does not.

In my case a lot of non-required headers are being passed along to my ext authz, I would prefer if they were not. I could of course move to straight HTTP but I don't really want to do that either.

Contributor Guide