Enum HttpConnectionManager.PathWithEscapedSlashesAction

  • All Implemented Interfaces:
    com.google.protobuf.Internal.EnumLite, com.google.protobuf.ProtocolMessageEnum, java.io.Serializable, java.lang.Comparable<HttpConnectionManager.PathWithEscapedSlashesAction>
    Enclosing class:
    HttpConnectionManager

    public static enum HttpConnectionManager.PathWithEscapedSlashesAction
    extends java.lang.Enum<HttpConnectionManager.PathWithEscapedSlashesAction>
    implements com.google.protobuf.ProtocolMessageEnum
     Determines the action for request that contain %2F, %2f, %5C or %5c sequences in the URI path.
     This operation occurs before URL normalization and the merge slashes transformations if they were enabled.
     
    Protobuf enum envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.PathWithEscapedSlashesAction
    • Enum Constant Detail

      • IMPLEMENTATION_SPECIFIC_DEFAULT

        public static final HttpConnectionManager.PathWithEscapedSlashesAction IMPLEMENTATION_SPECIFIC_DEFAULT
         Default behavior specific to implementation (i.e. Envoy) of this configuration option.
         Envoy, by default, takes the KEEP_UNCHANGED action.
         NOTE: the implementation may change the default behavior at-will.
         
        IMPLEMENTATION_SPECIFIC_DEFAULT = 0;
      • REJECT_REQUEST

        public static final HttpConnectionManager.PathWithEscapedSlashesAction REJECT_REQUEST
         Reject client request with the 400 status. gRPC requests will be rejected with the INTERNAL (13) error code.
         The "httpN.downstream_rq_failed_path_normalization" counter is incremented for each rejected request.
         
        REJECT_REQUEST = 2;
      • UNESCAPE_AND_REDIRECT

        public static final HttpConnectionManager.PathWithEscapedSlashesAction UNESCAPE_AND_REDIRECT
         Unescape %2F and %5C sequences and redirect request to the new path if these sequences were present.
         Redirect occurs after path normalization and merge slashes transformations if they were configured.
         NOTE: gRPC requests will be rejected with the INTERNAL (13) error code.
         This option minimizes possibility of path confusion exploits by forcing request with unescaped slashes to
         traverse all parties: downstream client, intermediate proxies, Envoy and upstream server.
         The "httpN.downstream_rq_redirected_with_normalized_path" counter is incremented for each
         redirected request.
         
        UNESCAPE_AND_REDIRECT = 3;
      • UNESCAPE_AND_FORWARD

        public static final HttpConnectionManager.PathWithEscapedSlashesAction UNESCAPE_AND_FORWARD
         Unescape %2F and %5C sequences.
         Note: this option should not be enabled if intermediaries perform path based access control as
         it may lead to path confusion vulnerabilities.
         
        UNESCAPE_AND_FORWARD = 4;
    • Field Detail

      • IMPLEMENTATION_SPECIFIC_DEFAULT_VALUE

        public static final int IMPLEMENTATION_SPECIFIC_DEFAULT_VALUE
         Default behavior specific to implementation (i.e. Envoy) of this configuration option.
         Envoy, by default, takes the KEEP_UNCHANGED action.
         NOTE: the implementation may change the default behavior at-will.
         
        IMPLEMENTATION_SPECIFIC_DEFAULT = 0;
        See Also:
        Constant Field Values
      • KEEP_UNCHANGED_VALUE

        public static final int KEEP_UNCHANGED_VALUE
         Keep escaped slashes.
         
        KEEP_UNCHANGED = 1;
        See Also:
        Constant Field Values
      • REJECT_REQUEST_VALUE

        public static final int REJECT_REQUEST_VALUE
         Reject client request with the 400 status. gRPC requests will be rejected with the INTERNAL (13) error code.
         The "httpN.downstream_rq_failed_path_normalization" counter is incremented for each rejected request.
         
        REJECT_REQUEST = 2;
        See Also:
        Constant Field Values
      • UNESCAPE_AND_REDIRECT_VALUE

        public static final int UNESCAPE_AND_REDIRECT_VALUE
         Unescape %2F and %5C sequences and redirect request to the new path if these sequences were present.
         Redirect occurs after path normalization and merge slashes transformations if they were configured.
         NOTE: gRPC requests will be rejected with the INTERNAL (13) error code.
         This option minimizes possibility of path confusion exploits by forcing request with unescaped slashes to
         traverse all parties: downstream client, intermediate proxies, Envoy and upstream server.
         The "httpN.downstream_rq_redirected_with_normalized_path" counter is incremented for each
         redirected request.
         
        UNESCAPE_AND_REDIRECT = 3;
        See Also:
        Constant Field Values
      • UNESCAPE_AND_FORWARD_VALUE

        public static final int UNESCAPE_AND_FORWARD_VALUE
         Unescape %2F and %5C sequences.
         Note: this option should not be enabled if intermediaries perform path based access control as
         it may lead to path confusion vulnerabilities.
         
        UNESCAPE_AND_FORWARD = 4;
        See Also:
        Constant Field Values
      • value

        private final int value
    • Constructor Detail

      • PathWithEscapedSlashesAction

        private PathWithEscapedSlashesAction​(int value)
    • Method Detail

      • values

        public static HttpConnectionManager.PathWithEscapedSlashesAction[] values()
        Returns an array containing the constants of this enum type, in the order they are declared. This method may be used to iterate over the constants as follows:
        for (HttpConnectionManager.PathWithEscapedSlashesAction c : HttpConnectionManager.PathWithEscapedSlashesAction.values())
            System.out.println(c);
        
        Returns:
        an array containing the constants of this enum type, in the order they are declared
      • valueOf

        public static HttpConnectionManager.PathWithEscapedSlashesAction valueOf​(java.lang.String name)
        Returns the enum constant of this type with the specified name. The string must match exactly an identifier used to declare an enum constant in this type. (Extraneous whitespace characters are not permitted.)
        Parameters:
        name - the name of the enum constant to be returned.
        Returns:
        the enum constant with the specified name
        Throws:
        java.lang.IllegalArgumentException - if this enum type has no constant with the specified name
        java.lang.NullPointerException - if the argument is null
      • getNumber

        public final int getNumber()
        Specified by:
        getNumber in interface com.google.protobuf.Internal.EnumLite
        Specified by:
        getNumber in interface com.google.protobuf.ProtocolMessageEnum
      • valueOf

        @Deprecated
        public static HttpConnectionManager.PathWithEscapedSlashesAction valueOf​(int value)
        Deprecated.
        Returns the enum constant of this type with the specified name. The string must match exactly an identifier used to declare an enum constant in this type. (Extraneous whitespace characters are not permitted.)
        Parameters:
        value - the name of the enum constant to be returned.
        Returns:
        the enum constant with the specified name
        Throws:
        java.lang.IllegalArgumentException - if this enum type has no constant with the specified name
        java.lang.NullPointerException - if the argument is null
      • getValueDescriptor

        public final com.google.protobuf.Descriptors.EnumValueDescriptor getValueDescriptor()
        Specified by:
        getValueDescriptor in interface com.google.protobuf.ProtocolMessageEnum
      • getDescriptorForType

        public final com.google.protobuf.Descriptors.EnumDescriptor getDescriptorForType()
        Specified by:
        getDescriptorForType in interface com.google.protobuf.ProtocolMessageEnum
      • getDescriptor

        public static final com.google.protobuf.Descriptors.EnumDescriptor getDescriptor()
      • valueOf

        public static HttpConnectionManager.PathWithEscapedSlashesAction valueOf​(com.google.protobuf.Descriptors.EnumValueDescriptor desc)
        Returns the enum constant of this type with the specified name. The string must match exactly an identifier used to declare an enum constant in this type. (Extraneous whitespace characters are not permitted.)
        Parameters:
        desc - the name of the enum constant to be returned.
        Returns:
        the enum constant with the specified name
        Throws:
        java.lang.IllegalArgumentException - if this enum type has no constant with the specified name
        java.lang.NullPointerException - if the argument is null