[NET-1151 NET-11228] security: Add request normalization and header match options to prevent L7 intentions bypass #21816

Merged

Commits on Oct 16, 2024

  1. mesh: add options for HTTP incoming request normalization

    Expose global mesh configuration to enforce inbound HTTP request
    normalization on mesh traffic via Envoy xDS config.
    
    mesh: enable inbound URL path normalization by default
    
    mesh: add support for L7 header match contains and ignore_case
    
    Enable partial string and case-insensitive matching in L7 intentions
    header match rules.
    
    ui: support L7 header match contains and ignore_case
    
    Co-authored-by: Phil Renaud <phil@riotindustries.com>
    
    test: add request normalization integration bats tests
    
    Add both "positive" and "negative" test suites, showing normalization in
    action as well as expected results when it is not enabled, for the same
    set of test cases.
    
    Also add some alternative service container test helpers for verifying
    raw HTTP request paths, which is difficult to do with Fortio.
    
    docs: update security and reference docs for L7 intentions bypass prevention
    
    - Update security docs with best practices for service intentions
      configuration
    - Update configuration entry references for mesh and intentions to
      reflect new values and add guidance on usage
    zalimeni committed Oct 16, 2024
    9e7757d