jtmulvey
commented
4 years ago Marked this as in progress.
Closed pnicolucci closed 3 years ago
jtmulvey
commented
4 years ago Marked this as in progress.
wtlucy
commented
4 years ago The changes required here are straightforward:
HttpDispatcher.usePrivateHeaders() to accept a hostname param. This hostname (as well as the address) will be passed from HttpRequestMessageImpl.isPrivateHeaderTrusted() when the inbound request message is getting initialized.HttpDispatcher.parseTrustedPrivateHeaderOrigin() to parse out CIDR-formatted strings - eg. 192.168.10.0/24. Currently HttpDispatcher maintains a HashSet of trusted hosts; to improve lookup time we will expand the subnet during initialization to add every address to the existing HashSet.
NottyCode
commented
4 years ago @wtlucy can we make sure that we cover both IPv6 and IPv4 syntax when this is done?
Current description of the property: https://openliberty.io/docs/ref/config/#httpDispatcher.html#trustedSensitiveHeaderOrigin
We'll use the wildcard syntax that's used by the TCP channel include and exclide lists ex.)
trustedSensitiveHeaderOrigin="192.168.10.*"These IP segments should support IPv6 syntax was well. ex.)
trustedSensitiveHeaderOrigin="0:0:0:0:0:0:*:*"This property should additionally support hostnames, since some customers would prefer not to configure IPs. Those hostnames will also allow leading wildcards, eg.
*.ibm.com.The improvements above should also be made for the trustedHeaderOrigin property.
RFE Link: https://www.ibm.com/developerworks/rfe/execute?use_case=viewChangeRequest&CR_ID=134886
List of Steps to complete or get approvals / sign-offs for Onboarding to the Liberty release (GM date)
Instructions:
TARGET COMPLETION DATE Before Development Starts or 8 weeks before Onboarding
[x] POC Design / WAD Review Scheduled (David Chang) or N/A.
[x] POC Design / WAD Reviewed (Feature Owner) or N/A.
[x] Complete any follow-ons from the POC Review.
[x] Design / WAD Approval (Alasdair Nottingham) or N/A.
[x] No Design / No WAD Approval (Arthur De Magalhaes - cloud / Alasdair Nottingham - server) or N/A.
[x] SVT Requirements identified. (Epic owner / Feature owner with SVT focal point)
[x] ID Requirements identified. (Epic owner / Feature owner with ID focal point)
[x] Create a child task of the epic entitled "FAT Approval Test Summary". Add and fill in the template as described here: https://github.ibm.com/was-liberty/WS-CD-Open/wiki/Feature-Review-(Feature-Test-Summary-Process)
TARGET COMPLETION DATE 3 weeks before Onboarding
[x] Identify all open source libraries that are changing or are new. Work with Legal Release Services (Cass Tucker or Release PM) to get open source cleared and approved. Or N/A. (Epic Owner). New or changed open source impacts license and Certificate of Originality.
TARGET COMPLETION DATE 3 weeks before Onboarding
[x] All new or changed PII messages are checked into the integration branch, before the last translation shipment out. (Epic Owner)
TARGET COMPLETION DATE 2 weeks before Onboarding
[x] Implementation complete. (Epic owner / Feature owner)
[x] All function tests complete. Ready for FAT Approval. (Epic owner / Feature owner)
[ ] Review all known issues for Stop Ship. (Epic owner / Feature owner / PM)
APPROVALS with TARGET COMPLETION DATE 2 to 1 week before Onboarding
Prereq: You must have the Design Approved or No Design Approved label on the GitHub Epic.
[x] Accessibility - (G Scott Johnston). Accessibility testing is complete or N/A. Approver adds label focalApproved:accessibility to the Epic in Github.
[x] FAT Liberty SOE - (Kevin Smith). SOE FATS are running successfully or N/A . Approver adds label focalApproved:fat to the Epic in Github.
[x] Globalization (Marika Joannidis - Liberty / Simy Cheeran - tWAS). Translation is complete or N/A. TVT - complete or N/A. Approver adds label focalApproved:globalization to the Epic in Github.
[x] ID - (Kareen Deen). Documentation work is complete or N/A . Approver adds label focalApproved:id to the Epic in Github.
[x] Performance - (Jared Anderson). Performance testing is complete with no high severity defects or N/A . Approver adds label focalApproved:performance to the Epic in Github.
[x] Serviceability - (Don Bourne). Serviceability has been addressed.
[x] STE - (Swati Kasundra). STE chart deck is complete or N/A . Approver adds label focalApproved:ste to the Epic in Github.
[x] SVT - (Greg Ecock - Cloud, Brian Hanczaryk- APS). SVT is complete or N/A . Approver adds label focalApproved:svt to the Epic in Github.
[x] Demo - (Liberty only - Tom Evans or Chuck Bridgham). Demo is scheduled for an upcoming EOI. Approver adds label focalApproved:demo to the Epic in Github.
TARGET COMPLETION DATE 1 week before Onboarding
[x] No Stop Ship issues for the feature. (Epic owner / Feature owner / Release PM)
[x] Ship Readiness Review and Release Notes completed (Epic owner / Feature owner / Release PM)
[x] Github Epic and Epic's issues are closed / complete. All PRs are committed to the master branch. (Epic owner / Feature owner / Backlog Subtribe PM)
NOT REQUIRED FOR A FEATURE
[ ] OL Guides - (Yee-Kang Chang). Assessment for OL Guides is complete or N/A.
[ ] WDT - (Leonard Theivendra). WDT work complete or N/A.
Related Deliverables TARGET COMPLETION DATE General Availability
[x] Blog article writeup (Epic owner / Feature owner / Laura Cowen)