envoyproxy/envoy

use correct :scheme header in async_client requests

Open

#38.608 aperta il 28 feb 2025

Vedi su GitHub
 (1 commento) (0 reazioni) (0 assegnatari)C++ (5373 fork)batch import
area/httpbughelp wanted

Metriche repository

Star
 (27.997 star)
Metriche merge PR
 (Merge medio 8g) (378 PR mergiate in 30 g)

Descrizione

Title: use correct :scheme header in async_client requests

Description: This is a follow up of PR #37978

There I discovered, that requests of the jwks_fetcher did not set the proper :scheme pseudo header, according to the configured URI (it was always 'http' even the transport was 'https'). This lead to problems if http/2 was higher is being used with some servers. For the jwks_fetcher this was fixed in #37978.

But this is a general issue with other 'envoy originating' requests. For example the token endpoint requests of the oauth2 filter will will have the same problem.

In the PR I extended the Http::Utility::prepareHeaders() function to also generate the :scheme header according to the given URI (if the optional include_scheme flag is set).

So to find and fix other affected areas one could search the code for usages of the prepareHeaders() function and consider if this is an affected request and set the include_scheme flag.

Since I will not be able to do it myself in the foreseeable future I open this Issue so maybe some else might do it or at least there is an issue to track this.

Regards

Guida contributor