higress

jiazhizhong/higress

Fork 0

mirror of https://github.com/alibaba/higress.git synced 2026-02-24 04:30:51 +08:00

Files

History

Kent Dong a5ef4cd482 docs: translate the document of request block plugin to English. (#150 )

2023-01-31 10:13:04 +08:00

extensions

docs: translate the document of request block plugin to English. (#150 )

2023-01-31 10:13:04 +08:00

pkg

Add global config parse error (#65 )

2022-11-29 19:37:27 +08:00

Dockerfile

Add wasm plugin contribution introduction (#47 )

2022-11-10 09:52:54 +08:00

go.mod

Add wasm plugin contribution introduction (#47 )

2022-11-10 09:52:54 +08:00

go.sum

Add plugins (#27 )

2022-11-04 17:46:43 +08:00

README_EN.md

docs: translate the document of request block plugin to English. (#150 )

2023-01-31 10:13:04 +08:00

README.md

docs: translate the document of request block plugin to English. (#150 )

2023-01-31 10:13:04 +08:00

README_EN.md

Intro

This SDK is used to develop the WASM Plugins of Higress.

Requirements

(need support Go's type parameters)

Go version: >= 1.18

TinyGo version: >= 0.25.0

Quick Examples

Use the request-block as an example

step1. compile to wasm

tinygo build -o main.wasm -scheduler=none -target=wasi ./example/request-block/main.go

step2. build&push docker image

Use this dockerfile.

docker build -t <your_registry_hub>/request-block:1.0.0 .
docker push <your_registry_hub>/request-block:1.0.0

step3. create WasmPlugin resource

Read this document to learn more about wasmplugin.

apiVersion: extensions.higress.io/v1alpha1
kind: WasmPlugin
metadata:
  name: request-block
  namespace: higress-system
spec:
  selector:
    matchLabels:
      higress: higress-system-higress-gateway
  defaultConfig:
    block_urls:
    - "swagger.html"
  url: oci://<your_registry_hub>/request-block:1.0.0

If the url in request contains the swagger.html, the request will be blocked.

curl <your_gateway_address>/api/user/swagger.html

HTTP/1.1 403 Forbidden
date: Wed, 09 Nov 2022 12:12:32 GMT
server: istio-envoy
content-length: 0

route-level & domain-level takes effect

apiVersion: extensions.higress.io/v1alpha1
kind: WasmPlugin
metadata:
  name: request-block
  namespace: higress-system
spec:
  selector:
    matchLabels:
      higress: higress-system-higress-gateway 
  defaultConfig:
   # this config will take effect globally (all incoming requests not matched by rules below)
   block_urls:
   - "swagger.html"
  matchRules:
  # ingress-level takes effect
  - ingress:
    - default/foo
    # the ingress foo in namespace default will use this config
    config:
      block_bodies:
      - "foo"
  - ingress:
    - default/bar
    # the ingress bar in namespace default will use this config
    config:
      block_bodies:
      - "bar"
  # domain-level takes effect
  - domain:
    - "*.example.com"
    # if the request's domain matched, this config will be used
    config:
      block_bodies:
       - "foo"
       - "bar"
  url: oci://<your_registry_hub>/request-block:1.0.0

The rules will be matched in the order of configuration. If one match is found, it will stop, and the matching configuration will take effect.