From 3657480a79ca972db87cf5a842d32e8f52ca553d Mon Sep 17 00:00:00 2001 From: Alyssa Wilk Date: Mon, 23 Sep 2019 11:34:42 -0400 Subject: [PATCH 1/2] http: turning on absolute url support by default Signed-off-by: Alyssa Wilk --- docs/root/intro/version_history.rst | 1 + source/common/http/utility.cc | 2 +- test/integration/integration_test.cc | 15 +++++++-------- 3 files changed, 9 insertions(+), 9 deletions(-) diff --git a/docs/root/intro/version_history.rst b/docs/root/intro/version_history.rst index fdbbb5c3c172..a9b5d8894341 100644 --- a/docs/root/intro/version_history.rst +++ b/docs/root/intro/version_history.rst @@ -32,6 +32,7 @@ Version history * http: added the ability to configure the behavior of the server response header, via the :ref:`server_header_transformation` field. * http: added the ability to :ref:`merge adjacent slashes` in the path. * http: remove h2c upgrade headers for HTTP/1 as h2c upgrades are currently not supported. +* http: absolute URL support is not on by default. The prior behavior can be reinstated by setting :ref:`allow_absolute_url ` to false. * listeners: added :ref:`continue_on_listener_filters_timeout ` to configure whether a listener will still create a connection when listener filters time out. * listeners: added :ref:`HTTP inspector listener filter `. * lua: extended `httpCall()` and `respond()` APIs to accept headers with entry values that can be a string or table of strings. diff --git a/source/common/http/utility.cc b/source/common/http/utility.cc index 11bedbeba907..65a708903745 100644 --- a/source/common/http/utility.cc +++ b/source/common/http/utility.cc 
@@ -273,7 +273,7 @@ Utility::parseHttp2Settings(const envoy::api::v2::core::Http2ProtocolOptions& co Http1Settings Utility::parseHttp1Settings(const envoy::api::v2::core::Http1ProtocolOptions& config) { Http1Settings ret; - ret.allow_absolute_url_ = PROTOBUF_GET_WRAPPED_OR_DEFAULT(config, allow_absolute_url, false); + ret.allow_absolute_url_ = PROTOBUF_GET_WRAPPED_OR_DEFAULT(config, allow_absolute_url, true); ret.accept_http_10_ = config.accept_http_10(); ret.default_host_for_http_10_ = config.default_host_for_http_10(); return ret; diff --git a/test/integration/integration_test.cc b/test/integration/integration_test.cc index 74a487a25e82..02a4a0ccc7b2 100644 --- a/test/integration/integration_test.cc +++ b/test/integration/integration_test.cc @@ -33,11 +33,12 @@ std::string normalizeDate(const std::string& s) { return std::regex_replace(s, date_regex, "date: Mon, 01 Jan 2017 00:00:00 GMT"); } -void setAllowAbsoluteUrl( +void setDisallowAbsoluteUrl( envoy::config::filter::network::http_connection_manager::v2::HttpConnectionManager& hcm) { envoy::api::v2::core::Http1ProtocolOptions options; - options.mutable_allow_absolute_url()->set_value(true); - hcm.mutable_http_protocol_options()->CopyFrom(options); + // options.mutable_allow_absolute_url()->set_value(false); + // hcm.mutable_http_protocol_options()->CopyFrom(options); + hcm.mutable_http_protocol_options()->mutable_allow_absolute_url()->set_value(false); }; void setAllowHttp10WithDefaultHost( @@ -393,6 +394,7 @@ TEST_P(IntegrationTest, NoHost) { } TEST_P(IntegrationTest, BadPath) { + config_helper_.addConfigModifier(&setDisallowAbsoluteUrl); initialize(); std::string response; sendRawHttpAndWaitForResponse(lookupPort("http"), 
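Review bot: Flipping the fallback in `PROTOBUF_GET_WRAPPED_OR_DEFAULT(config, allow_absolute_url, true)` changes request handling for every HTTP/1 listener that leaves the field unset, and nothing at the call site records why. With absolute-form targets accepted, routing should, as far as I understand the codec, follow the authority in the request line rather than the Host header the client sent, so deployments where a component in front of Envoy filters on Host would want to set `allow_absolute_url` to false explicitly. I would add a comment above the assignment such as `// Defaults to true: absolute-form request targets are accepted unless the listener opts out.` The diffstat lists no API documentation file, so if the field's proto comment describes the old default it needs the same update. The closing brace of parseHttp1Settings is outside the hunk.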
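Review bot: Adding `config_helper_.addConfigModifier(&setDisallowAbsoluteUrl);` to BadPath pins the test to the old behaviour, so the request it sends is no longer exercised under the new default. The test body continues outside the hunk and the request itself is not visible here, but a companion case that runs without the modifier and asserts the expected status would document what the default-on path does with the same input. A one-line comment on the modifier, for example `// Exercises the legacy path: absolute URL parsing is turned off for this test.`, would also explain why this test opts out.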
@@ -407,7 +409,6 @@ TEST_P(IntegrationTest, AbsolutePath) { auto host = config_helper_.createVirtualHost("www.redirect.com", "/"); host.set_require_tls(envoy::api::v2::route::VirtualHost::ALL); config_helper_.addVirtualHost(host); - config_helper_.addConfigModifier(&setAllowAbsoluteUrl); initialize(); std::string response; @@ -423,7 +424,6 @@ TEST_P(IntegrationTest, AbsolutePathWithPort) { auto host = config_helper_.createVirtualHost("www.namewithport.com:1234", "/"); host.set_require_tls(envoy::api::v2::route::VirtualHost::ALL); config_helper_.addVirtualHost(host); - config_helper_.addConfigModifier(&setAllowAbsoluteUrl); initialize(); std::string response; sendRawHttpAndWaitForResponse( @@ -440,7 +440,6 @@ TEST_P(IntegrationTest, AbsolutePathWithoutPort) { auto host = config_helper_.createVirtualHost("www.namewithport.com:1234", "/"); host.set_require_tls(envoy::api::v2::route::VirtualHost::ALL); config_helper_.addVirtualHost(host); - config_helper_.addConfigModifier(&setAllowAbsoluteUrl); initialize(); std::string response; sendRawHttpAndWaitForResponse(lookupPort("http"), @@ -460,8 +459,8 @@ TEST_P(IntegrationTest, Connect) { cloned_listener->CopyFrom(*old_listener); old_listener->set_name("http_forward"); }); - // Set the first listener to allow absolute URLs. - config_helper_.addConfigModifier(&setAllowAbsoluteUrl); + // Set the first listener to disallow absolute URLs. + config_helper_.addConfigModifier(&setDisallowAbsoluteUrl); initialize(); std::string response1; From c17027dadf3859161eb0bb428e31465e9167c670 Mon Sep 17 00:00:00 2001 From: Alyssa Wilk Date: Mon, 23 Sep 2019 12:46:31 -0400 Subject: [PATCH 2/2] reviewer comments Signed-off-by: Alyssa Wilk --- docs/root/intro/version_history.rst | 2 +- test/integration/integration_test.cc | 3 --- 2 files changed, 1 insertion(+), 4 deletions(-) diff --git a/docs/root/intro/version_history.rst b/docs/root/intro/version_history.rst index a9b5d8894341..f7582b5c1af6 100644 --- a/docs/root/intro/version_history.rst 
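Review bot: In the Connect hunk the listener renamed to `http_forward` becomes the one with absolute URLs disabled, assuming the modifier applies to the first listener as the comment says, while the cloned listener now allows them through the default. That is the reverse of the earlier arrangement and reads oddly against the listener's name. I would extend the comment to `// The first listener (http_forward) disallows absolute URLs; the clone keeps the new default of allowing them.` so the pairing stays clear to the next reader. The rest of the Connect test is outside the hunk.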
+++ b/docs/root/intro/version_history.rst @@ -32,7 +32,7 @@ Version history * http: added the ability to configure the behavior of the server response header, via the :ref:`server_header_transformation` field. * http: added the ability to :ref:`merge adjacent slashes` in the path. * http: remove h2c upgrade headers for HTTP/1 as h2c upgrades are currently not supported. -* http: absolute URL support is not on by default. The prior behavior can be reinstated by setting :ref:`allow_absolute_url ` to false. +* http: absolute URL support is now on by default. The prior behavior can be reinstated by setting :ref:`allow_absolute_url ` to false. * listeners: added :ref:`continue_on_listener_filters_timeout ` to configure whether a listener will still create a connection when listener filters time out. * listeners: added :ref:`HTTP inspector listener filter `. * lua: extended `httpCall()` and `respond()` APIs to accept headers with entry values that can be a string or table of strings. diff --git a/test/integration/integration_test.cc b/test/integration/integration_test.cc index 02a4a0ccc7b2..19c5bfb5ec79 100644 --- a/test/integration/integration_test.cc +++ b/test/integration/integration_test.cc @@ -35,9 +35,6 @@ std::string normalizeDate(const std::string& s) { void setDisallowAbsoluteUrl( envoy::config::filter::network::http_connection_manager::v2::HttpConnectionManager& hcm) { - envoy::api::v2::core::Http1ProtocolOptions options; - // options.mutable_allow_absolute_url()->set_value(false); - // hcm.mutable_http_protocol_options()->CopyFrom(options); hcm.mutable_http_protocol_options()->mutable_allow_absolute_url()->set_value(false); };