envoyproxy/envoy

use correct :scheme header in async_client requests

Open

#38,608 opened on 2025年2月28日

GitHub で見る
 (1 comment) (0 reactions) (0 assignees)C++ (5,373 forks)batch import
area/httpbughelp wanted

Repository metrics

Stars
 (27,997 stars)
PR merge metrics
 (平均マージ 8d) (30d で 378 merged PRs)

説明

Title: use correct :scheme header in async_client requests

Description: This is a follow up of PR #37978

There I discovered, that requests of the jwks_fetcher did not set the proper :scheme pseudo header, according to the configured URI (it was always 'http' even the transport was 'https'). This lead to problems if http/2 was higher is being used with some servers. For the jwks_fetcher this was fixed in #37978.

But this is a general issue with other 'envoy originating' requests. For example the token endpoint requests of the oauth2 filter will will have the same problem.

In the PR I extended the Http::Utility::prepareHeaders() function to also generate the :scheme header according to the given URI (if the optional include_scheme flag is set).

So to find and fix other affected areas one could search the code for usages of the prepareHeaders() function and consider if this is an affected request and set the include_scheme flag.

Since I will not be able to do it myself in the foreseeable future I open this Issue so maybe some else might do it or at least there is an issue to track this.

Regards

コントリビューターガイド