feature: add routerchecker in middleware (#2286)

* feature: add routerchecker in middleware

Signed-off-by: 1046102779 <seachen@tencent.com>

* feature: add routerchecker in middleware

Signed-off-by: 1046102779 <seachen@tencent.com>

Co-authored-by: Mark Fussell <markfussell@gmail.com>
Co-authored-by: greenie-msft <56556602+greenie-msft@users.noreply.github.com>
This commit is contained in:
yellow chicks 2022-05-13 06:35:57 +08:00 committed by GitHub
parent 0aa13e6e8e
commit 97670ff708
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 73 additions and 0 deletions

View File

@ -29,3 +29,5 @@ Table captions:
| [Bearer]({{< ref middleware-bearer.md >}}) | Verifies a [Bearer Token](https://tools.ietf.org/html/rfc6750) using [OpenID Connect](https://openid.net/connect/) on a Web API | Alpha | v1|
| [Open Policy Agent]({{< ref middleware-opa.md >}}) | Applies [Rego/OPA Policies](https://www.openpolicyagent.org/) to incoming Dapr HTTP requests | Alpha | v1|
| [Uppercase]({{< ref middleware-uppercase.md >}}) | Converts the body of the request to uppercase letters | Stable(For local development) | v1|
| [Sentinel]({{< ref middleware-sentinel.md >}}) | Use Sentinel middleware to guarantee the reliability and resiliency of your application | Alpha | v1|
| [RouterChecker]({{< ref middleware-routerchecker.md >}}) | Validates HTTP requests using regexp and filters out invalid requests | Alpha | v1|

View File

@ -0,0 +1,71 @@
---
type: docs
title: "RouterChecker http request routing"
linkTitle: "RouterChecker"
description: "Use routerchecker middleware to block invalid http request routing"
aliases:
- /developing-applications/middleware/supported-middleware/middleware-routerchecker/
---
The RouterChecker HTTP [middleware]({{< ref middleware.md >}}) component leverages regexp to check the validity of HTTP request routing to prevent invalid routers from entering the Dapr cluster. In turn, filtering out bad requests, and reducing noise in the telemetry and log data.
## Component format
The RouterChecker applies a set of rules to the incoming HTTP request. You define these rules in the component metadata using regular expressions. In the following example, the HTTP request RouterChecker is set to validate all requests message against the `^[A-Za-z0-9/._-]+$`: regex.
```yaml
apiVersion: dapr.io/v1alpha1
kind: Component
metadata:
name: routerchecker
spec:
type: middleware.http.routerchecker
version: v1
metadata:
- name: rule
value: "^[A-Za-z0-9/._-]+$"
```
In this example, the above definition would result in the following PASS/FAIL cases:
```shell
PASS /v1.0/invoke/demo/method/method
PASS /v1.0/invoke/demo.default/method/method
PASS /v1.0/invoke/demo.default/method/01
PASS /v1.0/invoke/demo.default/method/METHOD
PASS /v1.0/invoke/demo.default/method/user/info
PASS /v1.0/invoke/demo.default/method/user_info
PASS /v1.0/invoke/demo.default/method/user-info
FAIL /v1.0/invoke/demo.default/method/cat password
FAIL /v1.0/invoke/demo.default/method/" AND 4210=4210 limit 1
FAIL /v1.0/invoke/demo.default/method/"$(curl
```
## Spec metadata fields
| Field | Details | Example |
|-------|---------|---------|
| rule | the regexp expression to be used by the HTTP request RouterChecker | `^[A-Za-z0-9/._-]+$`|
## Dapr configuration
To be applied, the middleware must be referenced in [configuration]({{< ref configuration-concept.md >}}). See [middleware pipelines]({{< ref "middleware.md#customize-processing-pipeline">}}).
```yaml
apiVersion: dapr.io/v1alpha1
kind: Configuration
metadata:
name: appconfig
spec:
httpPipeline:
handlers:
- name: routerchecker
type: middleware.http.routerchecker
```
## Related links
- [Middleware]({{< ref middleware.md >}})
- [Configuration concept]({{< ref configuration-concept.md >}})
- [Configuration overview]({{< ref configuration-overview.md >}})