DevFW-CICD/ingress-nginx-helm
16
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Set grpc :authority header from request header (#8912)

Browse source 
This is to fix that the `:authority` header is  set to `upstream_balancer`
This commit is contained in:
Junrui Chen 2023-06-27 16:30:30 +10:00 committed by GitHub
parent 643c475db0
commit a21b5218a5
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 1 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
rootfs/etc/nginx/template/nginx.tmpl
View file

@ -1388,13 +1388,11 @@ stream {
{{ end }}
{{/* By default use vhost as Host to upstream, but allow overrides */}}
{{ if not (eq $proxySetHeader "grpc_set_header") }}
{{ if not (empty $location.UpstreamVhost) }}
{{ $proxySetHeader }} Host {{ $location.UpstreamVhost | quote }};
{{ else }}
{{ $proxySetHeader }} Host $best_http_host;
{{ end }}
{{ end }}
# Pass the extracted client certificate to the backend
{{ if not (empty $server.CertificateAuth.CAFileName) }}

1
test/e2e/annotations/grpc.go
View file

@ -120,6 +120,7 @@ var _ = framework.DescribeAnnotation("backend-protocol - GRPC", func() {
metadata := res.GetMetadata()
assert.Equal(ginkgo.GinkgoT(), metadata["content-type"].Values[0], "application/grpc")
assert.Equal(ginkgo.GinkgoT(), metadata[":authority"].Values[0], host)
})
ginkgo.It("authorization metadata should be overwritten by external auth response headers", func() {