-
Notifications
You must be signed in to change notification settings - Fork 4.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
http: Change sendLocalReply to send percent-encoded GrpcMessage #6913
Conversation
This patch changed sendLocalReply to send GrpcMessage in percent-encoded instead of plain string. Signed-off-by: Dhi Aurrahman <dio@tetrate.io>
Signed-off-by: Dhi Aurrahman <dio@tetrate.io>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Nice, looks pretty good.
Does this seem like something that needs to be config guarded in some way? While I understand this to be the correct behavior I wonder if there are people relying on this/don't want to spend the CPU on encoding every response.
@snowp thanks for the review. Will address it soon. re: config, yeah probably that's a good point. Will try to introduce one for this. |
Signed-off-by: Dhi Aurrahman <dio@tetrate.io>
Signed-off-by: Dhi Aurrahman <dio@tetrate.io>
Note that if this feature is not enabled, then it will take down envoy if the external auth service responds with a multi-line message. It is a point that someone could be parsing and using that header already, though, of course, but it sounds like something that should be default on (with a note in the release log) |
Yeah it's a bit tricky due to this being used by out of repo filters, so we don't really know how it is being used. There seems to be 3 options: 1) config guard it 2) make the encoding behavior optional through a parameter to I'm not sure how careful we have to be here wrt to the breaking change policy. @alyssawilk @mattklein123 Do you have any thoughts on how to best handle this? |
I'd like @lizan 's take but if this is a correctness issue I'd be inclined to say we should always do it, but we could runtime guard the change to make sure if it causes problems it's easy for folks to roll back while we address. |
Per https://github.com/grpc/grpc/blob/master/doc/PROTOCOL-HTTP2.md
Grpc-Message should be percent-encoded. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We should just update sendLocalyReply
, per gRPC spec it should be always precent-encoded.
Signed-off-by: Dhi Aurrahman <dio@tetrate.io>
Signed-off-by: Dhi Aurrahman <dio@tetrate.io>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Seems like the consensus is that we don't need to gate this on anything, which seems fine to me. My initial concern was about out of tree uses that might already be percent encoding the value given to sendLocalReply, but that might not be very common
Signed-off-by: Dhi Aurrahman <dio@tetrate.io>
/retest |
🔨 rebuilding |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Sorry for the delay, this LGTM. @lizan Do you wanna do the senior review of this one?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM w/ small comment request. Thank you!
/wait
for (size_t i = 0; i < value.size(); ++i) { | ||
const char& ch = value[i]; | ||
// https://github.com/grpc/grpc/blob/master/doc/PROTOCOL-HTTP2.md#responses. | ||
if (ch < ' ' || ch >= '~' || ch == '%') { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This first check is a performance optimization, right? It took me a little while to figure out what was going on here. If so, can you add an explanatory comment about why we are doing it this way?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Sure. Added some comments.
Signed-off-by: Dhi Aurrahman <dio@tetrate.io>
Signed-off-by: Dhi Aurrahman <dio@tetrate.io>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Awesome, thanks.
Description: This patch changed
sendLocalReply
to sendGrpcMessage
in percent-encodedinstead of plain string following: https://github.com/grpc/grpc/blob/master/doc/PROTOCOL-HTTP2.md#responses.
Risk Level: Low
Testing: Unit tests
Docs Changes: N/A
Release Notes: Added
Fixes #6902