[WFLY-14255] Promote to default stability #780
There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change | ||||
|---|---|---|---|---|---|---|
| @@ -0,0 +1,153 @@ | ||||||
| --- | ||||||
| # Add any category for this proposal as a YAML list, e.g. | ||||||
| # - core | ||||||
| # - management | ||||||
| # If missing, add it to _data/wildfly-categories and use its id | ||||||
| categories: | ||||||
| - undertow | ||||||
| # Specify the stability level of the feature. | ||||||
| # Values can be one of: experimental, preview, community, or default | ||||||
| stability-level: default | ||||||
|
|
||||||
| issue: https://issues.redhat.com/browse/WFLY-21525[WFLY-21525] | ||||||
|
|
||||||
| feature-team: | ||||||
| developer: baranowb | ||||||
| sme: | ||||||
| - frainone | ||||||
| outside-perspective: | ||||||
| - thofman | ||||||
|
|
||||||
| promotes: https://github.com/wildfly/wildfly-proposals/pull/444 | ||||||
|
Contributor
There was a problem hiding this comment. The analysis doc under that PR should have it's promoted-by field updated to point to this new analysis doc. This is similar to RFCs where they have "Obsoletes" and "Obsoleted" by so the relationship can be navigated. |
||||||
| promoted-by: https://github.com/wildfly/wildfly-proposals/issues/793 | ||||||
|
Contributor
There was a problem hiding this comment. This one doesn't need a value, this is intended to link to the propsal that promotes this to a higher stability level. |
||||||
| --- | ||||||
|
|
||||||
| = Promote reuse-x-forwarded-header and rewrite-host header to DEFAULT stability | ||||||
| :author: Bartosz Baranowski | ||||||
| :email: bbaranow@redhat.com | ||||||
| :toc: left | ||||||
| :icons: font | ||||||
| :idprefix: | ||||||
| :idseparator: - | ||||||
|
|
||||||
|
|
||||||
| == Overview | ||||||
|
|
||||||
| In some scenarios it is a requirement to reuse x forwarded or rewrite host header. Currently ProxyHandler flags controlling both are hardcoded to 'false', meaning mentioned functionality is not accessible. | ||||||
| This RFE address this by introductin model values that control mentioned flags. | ||||||
|
|
||||||
| === User Stories | ||||||
baranowb marked this conversation as resolved.
Show resolved
Hide resolved
|
||||||
|
|
||||||
| Stability promotion from https://github.com/wildfly/wildfly-proposals/pull/444[Proposals PR 444] | ||||||
|
|
||||||
| == Issue Metadata | ||||||
|
|
||||||
| * https://issues.redhat.com/browse/WFLY-21525[WFLY-21525] | ||||||
|
|
||||||
| === Related Issues | ||||||
|
|
||||||
| * https://issues.redhat.com/browse/EAP7-1837[EAP7-1837] | ||||||
| * https://issues.redhat.com/browse/CIPOE-1793[CIPOE-1793] | ||||||
| * https://issues.redhat.com/browse/EAPDOC-1273[EAPDOC-1273] | ||||||
| * https://issues.redhat.com/browse/HAL-2050[HAL-2050] | ||||||
| * https://github.com/wildfly/wildfly/pull/19547[WFLY PULL-19547] | ||||||
|
|
||||||
| === Affected Projects or Components | ||||||
|
|
||||||
| Undertow integration. HAL has integration covered via linked ticket. | ||||||
|
|
||||||
| === Other Interested Projects | ||||||
|
|
||||||
| === Relevant Installation Types | ||||||
|
|
||||||
| * Traditional standalone server (unzipped or provisioned by Galleon) | ||||||
| * Managed domain | ||||||
| * OpenShift Source-to-Image (S2I) | ||||||
| * Bootable jar | ||||||
|
|
||||||
| == Requirements | ||||||
|
|
||||||
| * Being able to configure both flags via model: | ||||||
| - reuse-x-forwarded-header | ||||||
| - rewrite-host-header | ||||||
|
|
||||||
| [literal] | ||||||
| <subsystem xmlns="urn:jboss:domain:undertow:14.0" default-server="some-server" default-servlet-container="myContainer" default-virtual-host="default-virtual-host" instance-id="some-id" statistics-enabled="true"> | ||||||
| .... | ||||||
| <handlers> | ||||||
| <file case-sensitive="false" directory-listing="true" follow-symlink="true" name="welcome-content" path="${jboss.home.dir}" safe-symlink-paths="/path/to/folder /second/path"/> | ||||||
| <reverse-proxy ... reuse-x-forwarded-header="true" rewrite-host-header="false"> | ||||||
| </reverse-proxy> | ||||||
| </handlers> | ||||||
| .... | ||||||
| </subsystem> | ||||||
| Parameters will be present in reverse-proxy element(for standalone: /subsystem=undertow/configuration=handler/reverse-proxy=my-handler): | ||||||
| * reuse-x-forwarded-header | ||||||
| ** Default: false | ||||||
| ** Type: boolean | ||||||
| ** Description: if true append(reuse existing) remote hop to x-forwarded-* headers, if not, previous value is discarded and remote hop becomes the value, otherwise set it to remote host. | ||||||
| * rewrite-host-header | ||||||
| ** Default: false | ||||||
| ** Type: boolean | ||||||
| ** Description: if true set host header to connection remote end and create x-forwarded-host header. | ||||||
|
|
||||||
| === Changed requirements | ||||||
|
|
||||||
| Bump stability. | ||||||
|
|
||||||
| === Non-Requirements | ||||||
|
|
||||||
|
|
||||||
| === Future Work | ||||||
|
|
||||||
|
|
||||||
| == Backwards Compatibility | ||||||
|
|
||||||
| N/A | ||||||
|
|
||||||
| === Default Configuration | ||||||
|
|
||||||
| N/A | ||||||
|
|
||||||
| === Importing Existing Configuration | ||||||
|
|
||||||
| N/A | ||||||
|
|
||||||
| === Deployments | ||||||
|
|
||||||
| N/A | ||||||
|
|
||||||
| === Interoperability | ||||||
|
|
||||||
| N/A | ||||||
|
|
||||||
| == Implementation Plan | ||||||
|
|
||||||
| Already done. | ||||||
|
Member
There was a problem hiding this comment. Well, not really. This is meant to cover how this will be delivered and coordinated with e.g. HAL-2050. |
||||||
|
|
||||||
| == Admin Clients | ||||||
|
|
||||||
| CLI should not have problems. HAL requires update(HAL-2050). | ||||||
baranowb marked this conversation as resolved.
Show resolved
Hide resolved
|
||||||
|
|
||||||
| == Security Considerations | ||||||
|
|
||||||
|
|
||||||
|
|
||||||
| [[test_plan]] | ||||||
| == Test Plan | ||||||
|
|
||||||
| https://gitlab.cee.redhat.com/jbossqe-eap/test-plans/-/merge_requests/821[Test Plan] | ||||||
|
Member
There was a problem hiding this comment. This is not publicly accessible. I am not sure how we handle this for default.
Contributor
There was a problem hiding this comment. I would just omit the link I think, maybe a short description of the testing that exists? |
||||||
|
|
||||||
| == Community Documentation | ||||||
|
|
||||||
| Reverse proxy support two new configuration options: | ||||||
| * reuseXForwarded - force proxy to include previously present X-Forwarded-For headers, rather than(false) using most recent hop as single value for that header. | ||||||
| * rewriteHost - force proxy to put target server as content of Host header(to adhere to HTTP protocol), instead of exposed proxy. | ||||||
|
|
||||||
| == Release Note Content | ||||||
|
|
||||||
| Proxy configuration option now support: | ||||||
|
Member
There was a problem hiding this comment.
Suggested change
|
||||||
| * reuseXForwarded - allow to mark downstream proxies( incoming traffic ) as 'trusted', hence content of X-Forwarded-For header is not dropped, but used as seed. | ||||||
| * rewriteHost - enable reverse proxy to alter Host header | ||||||
|
|
||||||
| Check test plan Security section for references on what does attributes do. | ||||||
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Uh oh!
There was an error while loading. Please reload this page.