envoyproxy/envoy

use correct :scheme header in async_client requests

Open

#38.608 geöffnet am 28. Feb. 2025

Auf GitHub ansehen
 (1 Kommentar) (0 Reaktionen) (0 zugewiesene Personen)C++ (5.373 Forks)batch import
area/httpbughelp wanted

Repository-Metriken

Stars
 (27.997 Stars)
PR-Merge-Metriken
 (Durchschn. Merge 8T) (378 gemergte PRs in 30 T)

Beschreibung

Title: use correct :scheme header in async_client requests

Description: This is a follow up of PR #37978

There I discovered, that requests of the jwks_fetcher did not set the proper :scheme pseudo header, according to the configured URI (it was always 'http' even the transport was 'https'). This lead to problems if http/2 was higher is being used with some servers. For the jwks_fetcher this was fixed in #37978.

But this is a general issue with other 'envoy originating' requests. For example the token endpoint requests of the oauth2 filter will will have the same problem.

In the PR I extended the Http::Utility::prepareHeaders() function to also generate the :scheme header according to the given URI (if the optional include_scheme flag is set).

So to find and fix other affected areas one could search the code for usages of the prepareHeaders() function and consider if this is an affected request and set the include_scheme flag.

Since I will not be able to do it myself in the foreseeable future I open this Issue so maybe some else might do it or at least there is an issue to track this.

Regards

Contributor Guide