From dfbc33f11025e5205f0062ea5957dcd17826ac82 Mon Sep 17 00:00:00 2001 From: Hannah Hunter <94493363+hhunter-ms@users.noreply.github.com> Date: Wed, 6 Jul 2022 19:25:15 -0500 Subject: [PATCH] Add middleware-routerchecker.md to v1.7 (#2623) * add file Signed-off-by: Hannah Hunter * add to table Signed-off-by: Hannah Hunter * Update daprdocs/data/components/middleware/http.yaml Co-authored-by: greenie-msft <56556602+greenie-msft@users.noreply.github.com> Co-authored-by: Mark Fussell --- .../middleware-routerchecker.md | 71 +++++++++++++++++++ daprdocs/data/components/middleware/http.yaml | 5 ++ 2 files changed, 76 insertions(+) create mode 100644 daprdocs/content/en/reference/components-reference/supported-middleware/middleware-routerchecker.md diff --git a/daprdocs/content/en/reference/components-reference/supported-middleware/middleware-routerchecker.md b/daprdocs/content/en/reference/components-reference/supported-middleware/middleware-routerchecker.md new file mode 100644 index 000000000..91323b93a --- /dev/null +++ b/daprdocs/content/en/reference/components-reference/supported-middleware/middleware-routerchecker.md @@ -0,0 +1,71 @@ +--- +type: docs +title: "RouterChecker http request routing" +linkTitle: "RouterChecker" +description: "Use routerchecker middleware to block invalid http request routing" +aliases: +- /developing-applications/middleware/supported-middleware/middleware-routerchecker/ +--- + +The RouterChecker HTTP [middleware]({{< ref middleware.md >}}) component leverages regexp to check the validity of HTTP request routing to prevent invalid routers from entering the Dapr cluster. In turn, the RouterChecker component filters out bad requests and reduces noise in the telemetry and log data. + +## Component format + +The RouterChecker applies a set of rules to the incoming HTTP request. You define these rules in the component metadata using regular expressions. In the following example, the HTTP request RouterChecker is set to validate all requests message against the `^[A-Za-z0-9/._-]+$`: regex. + +```yaml +apiVersion: dapr.io/v1alpha1 +kind: Component +metadata: + name: routerchecker +spec: + type: middleware.http.routerchecker + version: v1gi + metadata: + - name: rule + value: "^[A-Za-z0-9/._-]+$" +``` + +In this example, the above definition would result in the following PASS/FAIL cases: + +```shell +PASS /v1.0/invoke/demo/method/method +PASS /v1.0/invoke/demo.default/method/method +PASS /v1.0/invoke/demo.default/method/01 +PASS /v1.0/invoke/demo.default/method/METHOD +PASS /v1.0/invoke/demo.default/method/user/info +PASS /v1.0/invoke/demo.default/method/user_info +PASS /v1.0/invoke/demo.default/method/user-info + +FAIL /v1.0/invoke/demo.default/method/cat password +FAIL /v1.0/invoke/demo.default/method/" AND 4210=4210 limit 1 +FAIL /v1.0/invoke/demo.default/method/"$(curl +``` + +## Spec metadata fields + +| Field | Details | Example | +|-------|---------|---------| +| rule | the regexp expression to be used by the HTTP request RouterChecker | `^[A-Za-z0-9/._-]+$`| + +## Dapr configuration + +To be applied, the middleware must be referenced in [configuration]({{< ref configuration-concept.md >}}). See [middleware pipelines]({{< ref "middleware.md#customize-processing-pipeline">}}). + +```yaml +apiVersion: dapr.io/v1alpha1 +kind: Configuration +metadata: + name: appconfig +spec: + httpPipeline: + handlers: + - name: routerchecker + type: middleware.http.routerchecker +``` + +## Related links + +- [Middleware]({{< ref middleware.md >}}) +- [Configuration concept]({{< ref configuration-concept.md >}}) +- [Configuration overview]({{< ref configuration-overview.md >}}) \ No newline at end of file diff --git a/daprdocs/data/components/middleware/http.yaml b/daprdocs/data/components/middleware/http.yaml index 06295a53f..c947d8831 100644 --- a/daprdocs/data/components/middleware/http.yaml +++ b/daprdocs/data/components/middleware/http.yaml @@ -23,6 +23,11 @@ state: Alpha version: v1 description: Applies [Rego/OPA Policies](https://www.openpolicyagent.org/) to incoming Dapr HTTP requests +- component: RouterChecker + link: middleware-routerchecker + state: Alpha + version: v1 + description: Use RouterChecker middleware to block invalid http request routing - component: Uppercase link: middleware-uppercase state: Stable