http: make HeaderHashMethod hashing all the header values#15486
http: make HeaderHashMethod hashing all the header values#15486snowp merged 27 commits intoenvoyproxy:mainfrom
Conversation
Previously the HeaderHashMehod only hash the first value of header. This commit aims to hash all the values of header. Signed-off-by: He Jie Xu <hejie.xu@intel.com>
|
One quick note: I see you force-pushed earlier. Please refrain from doing that for Envoy github reviews; it loses comment threads. Just "merge main". Thank you! |
Thanks for the reminder. I already that from my first PR. Actually, I force update it since it is the first push and no other comments yet. I will keep that in mind in later update. |
Signed-off-by: He Jie Xu <hejie.xu@intel.com>
Signed-off-by: He Jie Xu <hejie.xu@intel.com>
Signed-off-by: He Jie Xu <hejie.xu@intel.com>
Signed-off-by: He Jie Xu <hejie.xu@intel.com>
Signed-off-by: He Jie Xu <hejie.xu@intel.com>
jmarantz
left a comment
There was a problem hiding this comment.
Code looks much better now, just a minor nit in the test remains.
Signed-off-by: He Jie Xu <hejie.xu@intel.com>
|
Also I'm not sure what's up with CI. Can you merge main? Don't force-push. |
Signed-off-by: He Jie Xu <hejie.xu@intel.com>
Signed-off-by: He Jie Xu <hejie.xu@intel.com>
Done |
Signed-off-by: He Jie Xu <hejie.xu@intel.com>
Signed-off-by: He Jie Xu <hejie.xu@intel.com>
jmarantz
left a comment
There was a problem hiding this comment.
Looks great; just a few comments.
source/common/common/hash.h
Outdated
| static uint64_t xxHash64(absl::InlinedVector<absl::string_view, 1>& input, uint64_t seed = 0) { | ||
| uint64_t hash = seed; | ||
| if (input.size() == 0) { | ||
| hash = XXH64(input.data(), input.size(), hash); |
There was a problem hiding this comment.
does this case occur?
If so, just use XX64(nullptr, 0, seed)
There was a problem hiding this comment.
Or maybe just don't test for that. Remove the if and let it return seed on an empty array.
There was a problem hiding this comment.
We didn't use that case when hashing the header value, special with the check num_headers_to_hash:
envoy/source/common/http/hash_policy.cc
Line 71 in ce1e9a7
I just match this behavior with static uint64_t xxHash64(absl::string_view input, uint64_t seed = 0) .
Then those two methods get the same value for empty string and empty vector, you can see that from the unittest
envoy/test/common/common/hash_test.cc
Lines 6 to 19 in ce1e9a7
The upside to handle this empty vector case is in case someone pass the empty vector, then it will get a same behavior just like the empty string one.
But I'm also ok to remove it if you think it needless to a case we didn't use it today.
source/common/common/hash.h
Outdated
| hash = XXH64(input.data(), input.size(), hash); | ||
| } else { | ||
| for (auto& i : input) { | ||
| hash = XXH64(i.data(), i.size(), hash); |
There was a problem hiding this comment.
Nice I hadn't thought of using the seed arg to XX64 as a carry.
source/common/http/hash_policy.cc
Outdated
| } | ||
| } | ||
|
|
||
| if (check_multiple_values && (num_headers_to_hash > 1)) { |
There was a problem hiding this comment.
I think Matt commented above but you don't need this conditional. num_headers_hash can be set to a value greater than one online if check_multiple_values is true, and the sorting will be a no-op for size==1.
There was a problem hiding this comment.
that is what Matt is look for, better to have @mattklein123 check again. also I have comment about the runtime flag above, it may needn't this check anymore.
There was a problem hiding this comment.
See my above comment. I think we do need the flag, but we can just set the size to 1 or not above and then we can collapse all of this logic.
There was a problem hiding this comment.
I updated, hope I understand correctly.
source/common/http/hash_policy.cc
Outdated
| } | ||
| } | ||
|
|
||
| if (check_multiple_values && (num_headers_to_hash > 1)) { |
There was a problem hiding this comment.
See my above comment. I think we do need the flag, but we can just set the size to 1 or not above and then we can collapse all of this logic.
Signed-off-by: He Jie Xu <hejie.xu@intel.com>
Signed-off-by: He Jie Xu <hejie.xu@intel.com>
Signed-off-by: He Jie Xu <hejie.xu@intel.com>
jmarantz
left a comment
There was a problem hiding this comment.
Looks great, thank you! One tiny comment.
Signed-off-by: He Jie Xu <hejie.xu@intel.com>
Signed-off-by: He Jie Xu <hejie.xu@intel.com>
Signed-off-by: He Jie Xu <hejie.xu@intel.com>
snowp
left a comment
There was a problem hiding this comment.
LGTM!
Can you merge main to pick up a CI fix?
mattklein123
left a comment
There was a problem hiding this comment.
Thanks LGTM. Will defer to others for merge.
Signed-off-by: He Jie Xu <hejie.xu@intel.com>
|
Thanks for all the review! just merged with main. |
…#15486) Previously the HeaderHashMehod only hash the first value of header. This commit aims to hash all the values of header. Signed-off-by: He Jie Xu <hejie.xu@intel.com>
Commit Message: http: make HeaderHashMethod hashing all the header values
Additional Description:
Previously the HeaderHashMehod only hash the first value of the header.
This PR aims to hash all the values of the header. The new behavior also can be
disabled by the new runtime guard
envoy.reloadable_features.hash_multiple_header_values.Risk Level: low
Testing: unit-test added
Docs Changes: n/a
Release Notes: add note for new feature
Fixes #15182
Signed-off-by: He Jie Xu hejie.xu@intel.com