How to remove Envoy response header? - api-gateway

Envoy proxy adds some sensitive headers, e.g. Server, X-Envoy-Upstream-Service-Time...
I want to disable or remove those headers. How can I do that?
Thanks for your help!

Though there are some headers that can't be removed, I think all of these you show here can be stripped using the request_headers_to_remove field in the RouteConfiguration.
Check the docs here for usage.
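
An added example, not part of the original answer or of Envoy's documentation: an Envoy v3 listener fragment that strips the two headers named in the question. It uses `response_headers_to_remove` (the response-side counterpart of the field mentioned above) together with `server_header_transformation` and the router's `suppress_envoy_headers`; the listener, route and cluster names are placeholders.

```yaml
# Added example. "ingress_http", "local_route" and "backend" are placeholder names.
static_resources:
  listeners:
  - name: ingress_http
    address:
      socket_address: { address: 0.0.0.0, port_value: 8080 }
    filter_chains:
    - filters:
      - name: envoy.filters.network.http_connection_manager
        typed_config:
          "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager
          stat_prefix: ingress_http
          # The default (OVERWRITE) writes "server: envoy" on every response.
          # PASS_THROUGH stops Envoy from writing its own Server value; an
          # upstream-supplied one is forwarded unless it is removed below.
          server_header_transformation: PASS_THROUGH
          route_config:
            name: local_route
            # Applied to every response routed through this RouteConfiguration.
            response_headers_to_remove:
            - server
            - x-envoy-upstream-service-time
            virtual_hosts:
            - name: backend
              domains: ["*"]
              routes:
              - match: { prefix: "/" }
                route: { cluster: backend }
          http_filters:
          - name: envoy.filters.http.router
            typed_config:
              "@type": type.googleapis.com/envoy.extensions.filters.http.router.v3.Router
              # Keeps the router from adding x-envoy-* response headers at all.
              suppress_envoy_headers: true
```

After reloading, `curl -sI` against the listener should show neither header; check an error path (for example a 503 with the upstream down) as well, since locally generated replies do not come from the upstream.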

Related

How to log request and response body in Istio

I'd like to log the request and response body from incoming traffic to each of my microservices.
Is it possible in Istio (Envoy) out-of-the-box?
I don't see a body attribute for mapping in Mixer's EntryLog.
Maybe it will be added in a future version of Istio?
Of course I can achieve this by implementing my own filter in the microservice, but maybe there is a better solution to achieve this.
If I understand your question correctly, then you should check out this documentation of Lua filters.
https://www.envoyproxy.io/docs/envoy/latest/configuration/http/http_filters/lua_filter
https://www.envoyproxy.io/docs/envoy/latest/configuration/http/http_filters/lua_filter#script-examples
body = handle:body() should give you the request or response body, depending upon the handle.
handle:logInfo(message) should help you log it.
For me, a print statement also worked.
e.g. print(headers["Cache-Control"]) was putting the header value in the log of my app on a GCP project's Kubernetes cluster.
You need to apply an EnvoyFilter in your Kubernetes cluster, and in the Lua code you can log the request body.
Also keep in mind that 'The filter should be configured with the name envoy.lua' ONLY.

How to define email address with Jmeter user defined variables?

Problem: In the email address, @ is replaced by %40.
http header manager:
user defined variables:
http request:
and result tree:
I have researched this, and they say that if the HTTP method is POST, then it should be encoded automatically. But it is not encoded automatically. Any advice on how I can resolve this?
Note: JMeter version: 3.1, and I am trying to test a REST service.
Please try sending data in Body data instead of sending it in parameters.
Change "Implementation" of your HTTP Request sampler to Java
If you need to change it for more than one sampler - it makes sense to define the setting using HTTP Request Defaults.
I found the answer. @PoorvajaDeshmukh's answer suggested it to me. Like the following (correct definition of body data):
I also tried @DmitriT's suggestion, but it did not work. Thanks for the advice...

Response rendered as json in IE for browsable apis

On IE, when I try to browse the REST APIs, I am getting an application/json response instead of an api (text/html) response (it returns an HTML response on Firefox). I am using Django REST framework 2.2.5 for this purpose.
I read through the documents and understood that in order to overcome the problem of broken headers for IE we need to use TemplateHTMLRenderer explicitly in the view, so I have added the following to the class definition of my view, but I am still getting a JSON response. Am I not doing it correctly, or am I missing something else?

    class CustomReports(generics.GenericAPIView):
        renderer_classes = (renderers.TemplateHTMLRenderer)

Can you please help fix the problem so that I get an HTML response in the case of IE as well?
Which version of IE are you using? I believe newer versions of IE should send correct Accept headers.
I probably wouldn't bother trying to fix things up to work around IE's broken behavior, but instead just make sure that you're including format suffixes in your URLs. Then you can simply use the .api suffix to see the browsable API, or the .json suffix to see the plain JSON.
Eg instead of http://127.0.0.1:8000/api-root/, use http://127.0.0.1:8000/api-root/.api.

Passing adserver tags through CodeIgniter's global XSS filter

I use the latest CI version. In config.php:
$config['global_xss_filtering'] = TRUE;
I can't change this.
I need to save adserver tags (they will be stored in files, not a DB), which also contain JavaScript. So with this setting I can't save the adserver tags; CI or the input filter removes some parts of them.
My first idea was to encode the adserver tag with base64 on the client and then decode it again on the server. What do you think?
Sounds like a plan.
Except there is no native way to base64 encode on the client. However, a friendly fellow on Stack-O has solved this for you already: https://stackoverflow.com/a/246813/183254 Be sure to share an upvote for them.

How do I set the don't cache header for an html file using apache?

I'm doing a little bit of ajax where I get a static html file that is actually changed on the disk from time to time. Of course IE has a problem where it wants to help out by caching the file which I don't want. I know how to fix this when grabbing a dynamic file: you just change the header in the dynamic file. But how do I do this for the static html file? Note that I am using apache.
Thanks
At the Apache level you can set up the expiry date of the document using the mod_expires module.
From the documentation:
This module controls the setting of the Expires HTTP header and the max-age directive of the Cache-Control HTTP header in server responses. The expiration date can set to be relative to either the time the source file was last modified, or to the time of the client access.
These HTTP headers are an instruction to the client about the document's validity and persistence. If cached, the document may be fetched from the cache rather than from the source until this time has passed. After that, the cache copy is considered "expired" and invalid, and a new copy must be obtained from the source.
More details at http://httpd.apache.org/docs/2.0/mod/mod_expires.html
If you can use mod_expires as Marcel suggested, you can always append a random request parameter.
For example, instead of requesting static_file.html you can request static_file.html?_=1231231231 and change that request parameter every time.
jQuery has a really simple way of doing this:
$.ajax({cache: false, url: "static_file.html"});
