-
Notifications
You must be signed in to change notification settings - Fork 468
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
HTTPRequestRedirectFilter allows for wildcard hostnames #949
Comments
gateway-api/apis/v1alpha2/httproute_types.go Lines 678 to 685 in 88013b5
My reading of the spec is the hostname of the request should be used as is - not the hostname defined in the route rule. So if the request is foo.example.com and the route hostname is *.example.com, the location header has foo.exampl.com as the hostname. |
I agree with what you said @hbagdi, maybe we're confusing two different bits. In my example above, my route hostname is |
Yeah, I agree that the hostname in a redirect shouldn't be able to be a wildcard, it should be a precise hostname. |
Ah, I understood this wrong. |
Could we just introduce a new type referenced here ( gateway-api/apis/v1alpha2/httproute_types.go Line 743 in 06754c5
Happy to work on this! |
Agree, this is probably the best approach. Maybe we have |
Yup makes sense to me. I can take this up and get it updated. |
What happened:
Looking through the
HTTPRequestRedirectFilter
spec, theHostname
used has a default kubebuilder validation regex which would allow a user to specify a redirect of*.foo.com
which might not make sense as a redirect hostname.Controllers could catch this and set a condition, we could update the field to use a new
hostname
type which removes the ability to have a wildcard in the value, or maybe there's a use-case I'm not thinking of that folks would want this?What you expected to happen:
Hostnames with wildcards would be rejected.
How to reproduce it (as minimally and precisely as possible):
Here's a sample HTTPRoute:
Right now Contour configures Envoy:
But doesn't route properly:
The text was updated successfully, but these errors were encountered: