This is an automated email from the ASF dual-hosted git repository.
mlibbey pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/trafficserver.git
The following commit(s) were added to refs/heads/master by this push:
new 93394591aa hrw4u: add inbound.cookie (#12306)
93394591aa is described below
commit 93394591aadba0aa67612e6dbd7864fd115d3da2
Author: mlibbey <[email protected]>
AuthorDate: Mon Jun 30 17:59:13 2025 -0700
hrw4u: add inbound.cookie (#12306)
This allows an configuration to either write conditionals with
cookie (which stems from original header_rewrite), or a new
inbound.cookie -- which might be more expected given the other
'contextual' objects.
---
doc/admin-guide/configuration/hrw4u.en.rst | 6 +++---
tools/hrw4u/src/symbols.py | 6 ++++--
tools/hrw4u/tests/data/conds/cookie.ast.txt | 2 +-
tools/hrw4u/tests/data/conds/cookie.input.txt | 9 +++++++--
tools/hrw4u/tests/data/conds/cookie.output.txt | 8 ++++++--
5 files changed, 21 insertions(+), 10 deletions(-)
diff --git a/doc/admin-guide/configuration/hrw4u.en.rst
b/doc/admin-guide/configuration/hrw4u.en.rst
index 3b916faf93..1ed4001853 100644
--- a/doc/admin-guide/configuration/hrw4u.en.rst
+++ b/doc/admin-guide/configuration/hrw4u.en.rst
@@ -149,7 +149,7 @@ cond %{CACHE} =hit-fresh cache() == "hit-fresh"
Cache lookup
cond %{CIDR:24,48} =ip cidr(24,48) == "ip" Match
masked client IP address
cond %{CLIENT-HEADER:X} =foo inbound.req.X == "foo" Original
client request header
cond %{CLIENT-URL:<C> =bar inbound.url.<C> == "bar" URL
component match, ``C`` is ``host``, ``path`` etc.
-cond %{COOKIE:foo} =bar cookie.foo == "bar" Check a
cookie value
+cond %{COOKIE:foo} =bar {in,out}bound.cookie.foo == "bar" Check a
cookie value
cond %{FROM-URL:<C>} =bar from.url.<C> == "bar" Remap
``From URL`` component match, ``C`` is ``host`` etc.
cond %{HEADER:X} =foo {in,out}bound.req.X == "foo" Context
sensitive header conditions
cond %{ID:UNIQUE} =... id.UNIQUE == "..." Unique
transaction identifier
@@ -191,7 +191,7 @@ Header Rewrite HRW4U
Description
============================= =================================
================================================
counter my_stat counter("my_stat") Increment
internal counter
rm-client-header X-Foo inbound.req.X-Foo = "" Remove a
client request header
-rm-cookie foo cookie.foo = "" Remove a cookie
+rm-cookie foo {in,out}bound.cookie.foo = "" Remove the
cookie named foo
rm-destination <C> inbound.url.<C> = "" Remove an URL
component, ``C`` is path, query etc.
rm-header X-Foo {in,out}bound.req.X-Foo = "" Context
sensitive header removal
rm-destination QUERY ... remove_query("foo,bar") Remove
specified query keys
@@ -202,7 +202,7 @@ set-body-from "https://..."; set-body-from("https://...";)
Set the response
set-config <name> 12 set-config("name", 17) Set a
configuration variable to a value
set-conn-dscp 8 inbound.conn.dscp = 8 Set the DSCP
value for the connection
set-conn-mark 17 inbound.conn.mark = 17 Set the MARK
value for the connection
-set-cookie foo bar cookie.foo = "bar" Set a response
cookie
+set-cookie foo bar {in,out}bound.cookie.foo = "bar" Set a
request/response cookie named foo
set-destination <C> bar inbound.url.<C> = "bar" Set a URL
component, ``C`` is path, query etc.
set-header X-Bar foo inbound.req.X-Bar = "foo" Assign a
client request header
set-redirect <Code> <URL> set-redirect(302, "https://...";) Set a redirect
response
diff --git a/tools/hrw4u/src/symbols.py b/tools/hrw4u/src/symbols.py
index 55fc45cd97..bdcfeb7531 100644
--- a/tools/hrw4u/src/symbols.py
+++ b/tools/hrw4u/src/symbols.py
@@ -25,17 +25,18 @@ class SymbolResolver:
# This map is for operators, which may have duplicates as in the
_CONDITIONS_MAP. Note that
# not all of conditions are valid operators.
_OPERATOR_MAP: Dict[str, Tuple[str | List[str], Optional[Callable[[str],
None]], bool, Optional[Set[str]]]] = {
- "cookie.": (["rm-cookie", "set-cookie"], Validator.quoted_or_simple(),
False, None),
"http.cntl.": ("set-http-cntl",
Validator.suffix_group(types.SuffixGroup.HTTP_CNTL_FIELDS), True, None),
"http.status.reason": ("set-status-reason",
Validator.quoted_or_simple(), False, None),
"http.status": ("set-status", Validator.range(0, 999), False, None),
"inbound.conn.dscp": ("set-conn-dscp", Validator.nbit_int(6), False,
None),
+ "inbound.cookie.": (["rm-cookie", "set-cookie"],
Validator.quoted_or_simple(), False, None),
"inbound.req.": (["rm-header", "set-header"],
Validator.quoted_or_simple(), False, None),
"inbound.resp.body": ("set-body", Validator.quoted_or_simple(), False,
None),
"inbound.resp.": (["rm-header", "set-header"],
Validator.quoted_or_simple(), False, None),
"inbound.status.reason": ("set-status-reason", Validator.range(0,
999), False, None),
"inbound.status": ("set-status", Validator.range(0, 999), False, None),
"inbound.url.": (["rm-destination", "set-destination"],
Validator.quoted_or_simple(), True, None),
+ "outbound.cookie.": (["rm-cookie", "set-cookie"],
Validator.quoted_or_simple(), False, None),
"outbound.req.": (["rm-header", "set-header"],
Validator.quoted_or_simple(), False, {"PRE_REMAP", "REMAP", "READ_REQUEST"}),
"outbound.resp.":
(
@@ -89,17 +90,18 @@ class SymbolResolver:
# Prefix matches
"capture.": ("LAST-CAPTURE", Validator.range(0, 9), False, None),
"client.cert.": ("CLIENT-CERT", None, True, None),
- "cookie.": ("COOKIE", Validator.quoted_or_simple(), False, None),
"from.url.": ("FROM-URL",
Validator.suffix_group(types.SuffixGroup.URL_FIELDS), True, None),
"geo.": ("GEO", Validator.suffix_group(types.SuffixGroup.GEO_FIELDS),
True, None),
"http.cntl.": ("HTTP-CNTL",
Validator.suffix_group(types.SuffixGroup.HTTP_CNTL_FIELDS), True, None),
"id.": ("ID", Validator.suffix_group(types.SuffixGroup.ID_FIELDS),
True, None),
"inbound.conn.": ("INBOUND",
Validator.suffix_group(types.SuffixGroup.CONN_FIELDS), True, None),
+ "inbound.cookie.": ("COOKIE", Validator.quoted_or_simple(), False,
None),
"inbound.req.": ("CLIENT-HEADER", None, False, None),
"inbound.resp.": ("HEADER", None, False, None),
"inbound.url.": ("CLIENT-URL",
Validator.suffix_group(types.SuffixGroup.URL_FIELDS), True, None),
"now.": ("NOW", Validator.suffix_group(types.SuffixGroup.DATE_FIELDS),
True, None),
"outbound.conn.": ("OUTBOUND",
Validator.suffix_group(types.SuffixGroup.CONN_FIELDS), True, None),
+ "outbound.cookie.": ("COOKIE", Validator.quoted_or_simple(), False,
None),
"outbound.req.": ("HEADER", None, False, {"PRE_REMAP", "REMAP",
"READ_REQUEST"}),
"outbound.resp.": ("HEADER", None, False, {"PRE_REMAP", "REMAP",
"READ_REQUEST", "SEND_REQUEST"}),
"outbound.url.":
diff --git a/tools/hrw4u/tests/data/conds/cookie.ast.txt
b/tools/hrw4u/tests/data/conds/cookie.ast.txt
index e7e8943660..0d21b9355c 100644
--- a/tools/hrw4u/tests/data/conds/cookie.ast.txt
+++ b/tools/hrw4u/tests/data/conds/cookie.ast.txt
@@ -1 +1 @@
-(program (section REMAP { (sectionBody (conditional (ifStatement if (condition
(expression (term (factor (comparison (comparable cookie.foobar) ~ (regex
/foo/)))))) (block { (statement inbound.req.X-Cookie = (value "there") ;) }))))
}) <EOF>)
+(program (section REMAP { (conditional (ifStatement if (condition (expression
(term (factor (comparison (comparable inbound.cookie.bar) ~ (regex /bar/))))))
(block { (statement inbound.cookie.mybar = (value "1") ;) }))) }) (section
SEND_RESPONSE { (conditional (ifStatement if (condition (expression (term
(factor ! (factor inbound.cookie.bar))))) (block { (statement
inbound.cookie.mybar = (value "1") ;) }))) }) <EOF>)
diff --git a/tools/hrw4u/tests/data/conds/cookie.input.txt
b/tools/hrw4u/tests/data/conds/cookie.input.txt
index 8b807d540e..020cb3c680 100644
--- a/tools/hrw4u/tests/data/conds/cookie.input.txt
+++ b/tools/hrw4u/tests/data/conds/cookie.input.txt
@@ -1,5 +1,10 @@
REMAP {
- if cookie.foobar ~ /foo/ {
- inbound.req.X-Cookie = "there";
+ if inbound.cookie.bar ~ /bar/ {
+ inbound.cookie.mybar = "1";
}
}
+SEND_RESPONSE {
+ if ! inbound.cookie.bar {
+ inbound.cookie.mybar = "1";
+ }
+}
\ No newline at end of file
diff --git a/tools/hrw4u/tests/data/conds/cookie.output.txt
b/tools/hrw4u/tests/data/conds/cookie.output.txt
index f7227a41b0..f96ccc8faa 100644
--- a/tools/hrw4u/tests/data/conds/cookie.output.txt
+++ b/tools/hrw4u/tests/data/conds/cookie.output.txt
@@ -1,3 +1,7 @@
cond %{REMAP_PSEUDO_HOOK} [AND]
-cond %{COOKIE:foobar} /foo/
- set-header X-Cookie "there"
+cond %{COOKIE:bar} /bar/
+ set-cookie mybar "1"
+
+cond %{SEND_RESPONSE_HDR_HOOK} [AND]
+cond %{COOKIE:bar} [NOT]
+ set-cookie mybar "1"
