mutation_rules.proto

Package: solo.io.envoy.config.common.mutation_rules.v3

copied from https://github.com/envoyproxy/envoy/blob/ad89a587aa0177bfdad6b5c968a6aead5d9be7a4/api/envoy/config/common/mutation_rules/v3/mutation_rules.proto

Types:

Source File: github.com/solo-io/gloo/projects/gloo/api/external/envoy/config/common/mutation_rules/v3/mutation_rules.proto

HeaderMutationRules

The HeaderMutationRules structure specifies what headers may be manipulated by a processing filter. This set of rules makes it possible to control which modifications a filter may make.

By default, an external processing server may add, modify, or remove any header except for an “Envoy internal” header (which is typically denoted by an x-envoy prefix) or specific headers that may affect further filter processing:

Every attempt to add, change, append, or remove a header will be tested against the rules here. Disallowed header mutations will be ignored unless disallow_is_error is set to true.

Attempts to remove headers are further constrained – regardless of the settings, system-defined headers (that start with :) and the host header may never be removed.

In addition, a counter will be incremented whenever a mutation is rejected. In the ext_proc filter, that counter is named rejected_header_mutations. [#next-free-field: 8]

"allowAllRouting": .google.protobuf.BoolValue
"allowEnvoy": .google.protobuf.BoolValue
"disallowSystem": .google.protobuf.BoolValue
"disallowAll": .google.protobuf.BoolValue
"allowExpression": .solo.io.envoy.type.matcher.v3.RegexMatcher
"disallowExpression": .solo.io.envoy.type.matcher.v3.RegexMatcher
"disallowIsError": .google.protobuf.BoolValue

Field Type Description
allowAllRouting .google.protobuf.BoolValue By default, certain headers that could affect processing of subsequent filters or request routing cannot be modified. These headers are host, :authority, :scheme, and :method. Setting this parameter to true allows these headers to be modified as well.
allowEnvoy .google.protobuf.BoolValue If true, allow modification of envoy internal headers. By default, these start with x-envoy but this may be overridden in the Bootstrap configuration using the :ref:header_prefix <envoy_v3_api_field_config.bootstrap.v3.Bootstrap.header_prefix> field. Default is false.
disallowSystem .google.protobuf.BoolValue If true, prevent modification of any system header, defined as a header that starts with a : character, regardless of any other settings. A processing server may still override the :status of an HTTP response using an ImmediateResponse message. Default is false.
disallowAll .google.protobuf.BoolValue If true, prevent modifications of all header values, regardless of any other settings. A processing server may still override the :status of an HTTP response using an ImmediateResponse message. Default is false.
allowExpression .solo.io.envoy.type.matcher.v3.RegexMatcher If set, specifically allow any header that matches this regular expression. This overrides all other settings except for disallow_expression.
disallowExpression .solo.io.envoy.type.matcher.v3.RegexMatcher If set, specifically disallow any header that matches this regular expression regardless of any other settings.
disallowIsError .google.protobuf.BoolValue If true, and if the rules in this list cause a header mutation to be disallowed, then the filter using this configuration will terminate the request with a 500 error. In addition, regardless of the setting of this parameter, any attempt to set, add, or modify a disallowed header will cause the rejected_header_mutations counter to be incremented. Default is false.

HeaderMutation

The HeaderMutation structure specifies an action that may be taken on HTTP headers.

"remove": string
"append": .solo.io.envoy.config.core.v3.HeaderValueOption

Field Type Description
remove string Remove the specified header if it exists. Only one of remove or append can be set.
append .solo.io.envoy.config.core.v3.HeaderValueOption Append new header by the specified HeaderValueOption. Only one of append or remove can be set.