Skip to content

Allow excluding traffic by matching headers #5

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
May 26, 2023
Merged

Allow excluding traffic by matching headers #5

merged 1 commit into from
May 26, 2023

Conversation

@pboos
Copy link
Contributor

@pboos pboos commented May 25, 2023

Exclude requests from validation by specifying headers that match a specific pattern.

This allows to exclude requests from bots that are identifiable through headers.

This can be configured through application.properties like the following:

openapi.validation.excluded-headers[0]=User-Agent: .*(bingbot|googlebot).*
openapi.validation.excluded-headers[1]=x-is-bot: true

@pboos pboos requested review from a team and eleonoraborghi May 25, 2023 15:47
eleonoraborghi
eleonoraborghi reviewed May 26, 2023
View reviewed changes
...i/src/main/java/com/getyourguide/openapi/validation/api/selector/DefaultTrafficSelector.java
private boolean isRequestExcludedByHeader(RequestMetaData request) {
return excludedHeaders.stream().anyMatch(excludedHeader -> {
var headerValue = request.getHeaders().get(excludedHeader.headerName());
return headerValue != null && excludedHeader.headerValuePattern().matcher(headerValue).matches();
Copy link

@eleonoraborghi eleonoraborghi May 26, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Just out of curiosity, is it possible to have headerValue == null IYO?

Copy link
Contributor Author

@pboos pboos May 26, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes it is possible because we go through the list of headers one wants to exclude like x-is-bot. Then request.getHeaders().get("x-is-bot"); can return null if there is no such header sent in the request.

Copy link
Contributor Author

@pboos pboos May 26, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Screenshot 2023-05-26 at 08 48 59

eleonoraborghi
eleonoraborghi approved these changes May 26, 2023
View reviewed changes
Copy link

@eleonoraborghi eleonoraborghi left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🐑 it

@pboos pboos merged commit 63a0ceb into main May 26, 2023
@pboos pboos deleted the feature/allow-excluding-traffic-by-headers branch June 9, 2023 08:57
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer

@eleonoraborghi eleonoraborghi eleonoraborghi approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@pboos @eleonoraborghi