consul/ui
Michael Zalimeni d9206fc7e2
[NET-1151 NET-11228] security: Add request normalization and header match options to prevent L7 intentions bypass (#21816)
mesh: add options for HTTP incoming request normalization

Expose global mesh configuration to enforce inbound HTTP request
normalization on mesh traffic via Envoy xDS config.

mesh: enable inbound URL path normalization by default

mesh: add support for L7 header match contains and ignore_case

Enable partial string and case-insensitive matching in L7 intentions
header match rules.

ui: support L7 header match contains and ignore_case

Co-authored-by: Phil Renaud <phil@riotindustries.com>

test: add request normalization integration bats tests

Add both "positive" and "negative" test suites, showing normalization in
action as well as expected results when it is not enabled, for the same
set of test cases.

Also add some alternative service container test helpers for verifying
raw HTTP request paths, which is difficult to do with Fortio.

docs: update security and reference docs for L7 intentions bypass prevention

- Update security docs with best practices for service intentions
  configuration
- Update configuration entry references for mesh and intentions to
  reflect new values and add guidance on usage
2024-10-16 12:23:33 -04:00
..
packages [NET-1151 NET-11228] security: Add request normalization and header match options to prevent L7 intentions bypass (#21816) 2024-10-16 12:23:33 -04:00
.gitignore
.nvmrc Upgrade Consul UI to Node 18 (#19252) 2023-10-23 12:29:04 -06:00
.yarnrc [ui] File-specified deps for consul-ui (#21378) 2024-07-08 16:36:29 -04:00
GNUmakefile UI: update Ember to 3.28.6 (#16616) 2023-03-20 15:41:47 -07:00
README.md OSS -> CE (community edition) changes (#18517) 2023-08-22 09:46:03 -05:00
package.json [ui] Pin ansi-html to 0.0.8 (#21735) 2024-09-16 11:22:00 -04:00
vercel.json
yarn.lock [ui] Pin ansi-html to 0.0.8 (#21735) 2024-09-16 11:22:00 -04:00

README.md

Consul UI Monorepo

This monorepo contains multiple projects, the UI for Consul and addons and packages used by the UI.

This top-level repository provides limited common tasks, such as installation and commit assistance. However, most tasks must be executed from within a subproject, e.g. running or testing.

If you are looking to work on the Consul UI you probably want to read the README that is in ./packages/consul-ui/README.md.

Table of Contents generated with DocToc

Prerequisites

You will need the following things properly installed on your computer.

Installation

  • git clone https://github.com/hashicorp/consul.git this repository
  • cd ui
  • yarn

Yarn Commands

List of available project commands. yarn run <command-name>

Command Description
doc:toc Re-builds the ToC for this README.
compliance:licenses Checks that all dependencies have CE-compatible licenses.

Contributing

Building ToC

To autogenerate a ToC (table of contents) for this README, run yarn doc:toc. Please update the ToC whenever editing the structure of README.