DevFW-CICD/ingress-nginx-helm
6
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Validate ingress path fields (#9309)

Browse source 
* Validate characters in path fields

* Add e2e tests for path validation

* Fix review comments
This commit is contained in:
Ricardo Katz 2022-11-17 09:24:40 -03:00 committed by GitHub
parent b6c6305523
commit c1413e6079
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
4 changed files with 249 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

5
internal/ingress/controller/store/store.go
View file

@ -59,6 +59,7 @@ import (
"k8s.io/ingress-nginx/internal/ingress/resolver"
"k8s.io/ingress-nginx/internal/k8s"
"k8s.io/ingress-nginx/pkg/apis/ingress"
ingressutils "k8s.io/ingress-nginx/pkg/util/ingress"
)
// IngressFilterFunc decides if an Ingress should be omitted or not
@ -861,6 +862,10 @@ func (s *k8sStore) syncIngress(ing *networkingv1.Ingress) {
if path.Path == "" {
copyIng.Spec.Rules[ri].HTTP.Paths[pi].Path = "/"
}
if !ingressutils.IsSafePath(copyIng, path.Path) {
klog.Warningf("ingress %s contains invalid path %s", key, path.Path)
return
}
}
}