Uploaded image for project: 'Red Hat 3scale API Management'
  1. Red Hat 3scale API Management
  2. THREESCALE-6704

APIcast is stripping away If-Match and If-None-Match headers from requests

XMLWordPrintable

    • False
    • False
    • Not Started
    • Not Started
    • Not Started
    • Not Started
    • Not Started
    • Not Started
    • Yes
    • +
    • Undefined
    • Hide

      With the configuration `235` (attached),

      curl -k "https://lapicast-staging.apps-crc.testing:443/?user_key=b6..f42" -H "If-Match: anything" -v

      Returns:

      "headers": {
       "HTTP_VERSION": "HTTP/1.1",
       "HTTP_HOST": "echo-api.3scale.net",
       "HTTP_ACCEPT": "*/*",
       "HTTP_USER_AGENT": "curl/7.71.1",
       "HTTP_X_3SCALE_PROXY_SECRET_TOKEN": "Shared_secret_sent_from_proxy_to_API_backend_2a5ff0d049c54036",
       "HTTP_X_REAL_IP": "10.116.0.1",
       "HTTP_X_FORWARDED_FOR": "192.168.130.1, 10.0.103.196",
       "HTTP_X_FORWARDED_HOST": "echo-api.3scale.net",
       "HTTP_X_FORWARDED_PORT": "443",
       "HTTP_X_FORWARDED_PROTO": "https",
       "HTTP_FORWARDED": "for=10.0.103.196;host=echo-api.3scale.net;proto=https"
       }

      (in thie case the request reaches the upstream but the header was not delivered.

       

      With the configuration `236` (attached),

      curl -k "https://lapicast-staging.apps-crc.testing:443/?user_key=b6e6c4e80ce1fe048464f4c6d1d8af42" -H "If-Match: anything"
      <html>
      <head><title>412 Precondition Failed</title></head>
      <body>
      <center><h1>412 Precondition Failed</h1></center>
      <hr><center>openresty</center>
      </body>
      </html>
      

      (here the 412 is coming from APIcast)

      Show
      With the configuration `235` (attached), curl -k "https: //lapicast-staging.apps-crc.testing:443/?user_key=b6..f42" -H "If-Match: anything" -v Returns: "headers" : { "HTTP_VERSION" : "HTTP/1.1" , "HTTP_HOST" : "echo-api.3scale.net" , "HTTP_ACCEPT" : "*/*" , "HTTP_USER_AGENT" : "curl/7.71.1" , "HTTP_X_3SCALE_PROXY_SECRET_TOKEN" : "Shared_secret_sent_from_proxy_to_API_backend_2a5ff0d049c54036" , "HTTP_X_REAL_IP" : "10.116.0.1" , "HTTP_X_FORWARDED_FOR" : "192.168.130.1, 10.0.103.196" , "HTTP_X_FORWARDED_HOST" : "echo-api.3scale.net" , "HTTP_X_FORWARDED_PORT" : "443" , "HTTP_X_FORWARDED_PROTO" : "https" , "HTTP_FORWARDED" : " for =10.0.103.196;host=echo-api.3scale.net;proto=https" } (in thie case the request reaches the upstream but the header was not delivered.   With the configuration `236` (attached), curl -k "https: //lapicast-staging.apps-crc.testing:443/?user_key=b6e6c4e80ce1fe048464f4c6d1d8af42" -H "If-Match: anything" <html> <head><title>412 Precondition Failed</title></head> <body> <center><h1>412 Precondition Failed</h1></center> <hr><center>openresty</center> </body> </html> (here the 412 is coming from APIcast)

      Regardless of the configuration and policies involved, APIcast is removingto the `If-Match` and `If-None-Match` headers from requests.
      With certain upstreams, APIcast returns the following response instead of forwarding the request to upstream:

      <html>
      <head><title>412 Precondition Failed</title></head>
      <body>
      <center><h1>412 Precondition Failed</h1></center>
      <hr><center>openresty</center>
      </body>
      </html>
      

      APIcast shouldn't modify (or be affected by) the request headers, the client should be able to send the headers to the upstream API.

      Attached example configuration.

      It seems that this was introduced in 2.9.

        1. apicast-config-api-sandbox-235.json
          3 kB
          Samuele Illuminati
        2. apicast-config-api-sandbox-236.json
          3 kB
          Samuele Illuminati

              Unassigned Unassigned
              rhn-support-sillumin Samuele Illuminati (Inactive)
              David Rajnoha David Rajnoha (Inactive)
              Eloy Coto Eloy Coto
              Eloy Coto Eloy Coto
              Votes:
              0 Vote for this issue
              Watchers:
              7 Start watching this issue

                Created:
                Updated:
                Resolved: