-
Notifications
You must be signed in to change notification settings - Fork 26
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Suggest not to forward hop-to-htop http headers to grpc #48
Comments
Personally, I don't see the value of not passing the headers. There are lots of situations where you might want access to other standard headers, that don't have the prefix. I have used them for authentication and it's good to have access in situations where you can't change the incoming headers (like in the case of AWS lambdas, for example) and I like having access to them. What do you get from them being blocked? I'd accept a PR, if you want to add an option (with current behavior as default) to block headers that don't have a prefix.
I think both of our projects don't really have a standard to follow, or have to work like the other. My gateway was created a bit after theirs, but is definitely it's own thing, and works totally different. For example, that one requires that you generate all the code up-front, whereas mine is on-the-fly, which has a small startup cost, but is easier to prototype with. Mine exposes express middleware. I think you'll find all kinds of things that differ like this, and that's ok. |
HTTP headers can be divided into two categories: end-to-end header and hop-to-hop header. 1 2 3. Hop-to-hop headers are meaningful only for a single transport-level connection. So generally proxies will not pass hop-to-hop headers, such as 4. Why I encounter this problem: So I think not forwarding hop-to-htop headers, at least the most used 'connection', may be a good idea. |
Hmm. As I mentioned there are lots of use-cases where you might want other headers, or to not have to change the names. I like to keep things simple, so I'd rather not have a lookup table of end-to-end vs hop-to-hop headers to maintain, if I can help it. When I have used this tool in my own projects, I wanted it to be a very thin layer, so I could just inject it into another express-based app, and for the most part I think it accomplishes that goal. I'd put any special logic at the grpc level, instead of taking it on to the gateway. I'm still not convinced it's a good idea, but I'm not against it either. An issue I had with grpc-ecosystem/grpc-gateway is that I had to restructure my headers, which isn't always possible (like the lambda example I gave) or doing so would make things less standard (like It seems like your use-case could be solved in several ways:
For the last 2, there might even be a config option or something. I'm not sure, as I don't use these. |
in the current code
grpc-dynamic-gateway/index.js
Line 229 in 3cb723f
While in the official grpc-gateway, only header starting with 'Grpc-Metadata-' will be mapped to gRPC metadata.
https://github.com/grpc-ecosystem/grpc-gateway/blob/26104fd424bf45f44d498149b071ef657d604f2b/runtime/mux.go#L70
The text was updated successfully, but these errors were encountered: