Validate endpoint by domain name #499
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
jimmyca15
reviewed
Nov 21, 2023
|
|
||
| if (_validDomains == null || !_validDomains.Any()) | ||
| foreach (string domainPrefix in TrustedDomainPrefixes) |
There was a problem hiding this comment.
The search needs to be from right to left.
There was a problem hiding this comment.
Seems to be fine since you look for segment prefixed with label separator.
There was a problem hiding this comment.
I'd still feel better if we went from right to left and found exact label match because conceptually that's what we're going for.
There was a problem hiding this comment.
Perhaps .LastIndexOf($".{label}.")
There was a problem hiding this comment.
Got you, I will update
There was a problem hiding this comment.
@jimmyca15 But we have a domain in such a pattern right? Like azconfig-test.io , so can we make exact label match? Or we list all labels we have (or potentially have in the future) and traverse them?
There was a problem hiding this comment.
We'll have to think about azconfig-test.io. Most likely, we'll have to phase it out and adopt a proper .azconfig.xyz domain in ppe.
jimmyca15
reviewed
Nov 21, 2023
| private DateTimeOffset _lastFallbackClientRefresh = default; | ||
| private DateTimeOffset _lastFallbackClientRefreshAttempt = default; | ||
| private Logger _logger = new Logger(); | ||
|
|
||
| private static readonly TimeSpan FallbackClientRefreshExpireInterval = TimeSpan.FromHours(1); | ||
| private static readonly TimeSpan MinimalClientRefreshInterval = TimeSpan.FromSeconds(30); | ||
| private static readonly string[] TrustedDomainPrefixes = new[] { ".azconfig", ".appconfig" }; |
There was a problem hiding this comment.
It's not a prefix. azconfig and appconfig are both "label"s in the domain name.
jimmyca15
approved these changes
Nov 22, 2023
jimmyca15
requested changes
Nov 22, 2023
jimmyca15
reviewed
Nov 22, 2023
src/Microsoft.Extensions.Configuration.AzureAppConfiguration/ConfigurationClientManager.cs
Outdated
Show resolved
Hide resolved
jimmyca15
approved these changes
Nov 28, 2023
RichardChen820
added a commit
that referenced
this pull request
Nov 28, 2023
* Validate endpoint by domain name * Resolve comments * Remove *-test
RichardChen820
added a commit
that referenced
this pull request
Dec 12, 2023
* Automatic http failover base on Srv Dns * update failover condition * Logging messages for auto failover * Not use generic method * Remove useless constructor * Failover to TCP when response is truncated * Error handling of TCP failover * Resolve comments and add thrid party notice * Fix the tests * Fix the tess * Fix the test * Update to use DnsClient.NET * Remove unecessary code * Resolve conflict * Stop once it has been auto failovered * Update GetAvaliableClient method * Resolve comments * Resolve comments * Internalize getting dynamic client in ConfigurationClientManager * Fix format * Fix format * Resolve comments * Resolve comments * Resolve comments * Resolve comments * Resolve comments * Resolve comments * Resolve comments * Not await RefreshFallbackClients when startup * Revert non-await RefreshFallbackClients * Validate domain of Srv endpoints (#489) * Validate domain of Srv endpoints * Resolve comments * Resolve comments * Create object in using * Add the origin host to the srv lookup result * Validate endpoint by domain name (#499) * Validate endpoint by domain name * Resolve comments * Remove *-test * Fix formatResolve conflict * Use await using for IAsyncDisposible * Replace IAsyncEumerable with ValueTask<IEnumerable> * Resolve comments * Remove cancallation token * Resolve comments
amerjusupovic
pushed a commit
that referenced
this pull request
Feb 21, 2024
* Automatic http failover base on Srv Dns * update failover condition * Logging messages for auto failover * Not use generic method * Remove useless constructor * Failover to TCP when response is truncated * Error handling of TCP failover * Resolve comments and add thrid party notice * Fix the tests * Fix the tess * Fix the test * Update to use DnsClient.NET * Remove unecessary code * Resolve conflict * Stop once it has been auto failovered * Update GetAvaliableClient method * Resolve comments * Resolve comments * Internalize getting dynamic client in ConfigurationClientManager * Fix format * Fix format * Resolve comments * Resolve comments * Resolve comments * Resolve comments * Resolve comments * Resolve comments * Resolve comments * Not await RefreshFallbackClients when startup * Revert non-await RefreshFallbackClients * Validate domain of Srv endpoints (#489) * Validate domain of Srv endpoints * Resolve comments * Resolve comments * Create object in using * Add the origin host to the srv lookup result * Validate endpoint by domain name (#499) * Validate endpoint by domain name * Resolve comments * Remove *-test * Fix formatResolve conflict * Use await using for IAsyncDisposible * Replace IAsyncEumerable with ValueTask<IEnumerable> * Resolve comments * Remove cancallation token * Resolve comments
amerjusupovic
added a commit
that referenced
this pull request
Feb 22, 2024
* Automatic http failover base on Srv Dns (#442) * Automatic http failover base on Srv Dns * update failover condition * Logging messages for auto failover * Not use generic method * Remove useless constructor * Failover to TCP when response is truncated * Error handling of TCP failover * Resolve comments and add thrid party notice * Fix the tests * Fix the tess * Fix the test * Update to use DnsClient.NET * Remove unecessary code * Resolve conflict * Stop once it has been auto failovered * Update GetAvaliableClient method * Resolve comments * Resolve comments * Internalize getting dynamic client in ConfigurationClientManager * Fix format * Fix format * Resolve comments * Resolve comments * Resolve comments * Resolve comments * Resolve comments * Resolve comments * Resolve comments * Not await RefreshFallbackClients when startup * Revert non-await RefreshFallbackClients * Validate domain of Srv endpoints (#489) * Validate domain of Srv endpoints * Resolve comments * Resolve comments * Create object in using * Add the origin host to the srv lookup result * Validate endpoint by domain name (#499) * Validate endpoint by domain name * Resolve comments * Remove *-test * Fix formatResolve conflict * Use await using for IAsyncDisposible * Replace IAsyncEumerable with ValueTask<IEnumerable> * Resolve comments * Remove cancallation token * Resolve comments * Refactor and move backoff logic to AzureAppConfigurationProvider (#508) * move backoff logic to provider, can't access backoffendtime from manager for dynamic clients * add condition before calling getclients in refreshasync, add refreshclients method * fix logic to check if backoff ended for client * fix indents * check client backoff before refresh, fix tests in progress * remove tolist * comment changes, fix refresh tests * reduce minimum backoff when testing * fix tests, fix typo with failover logic * update comments in tests * resolve PR comments * resolve small comments * fix tests backoff duration * fix tests backoff duration * fix error from merging main branch in * add back fix for attempts backoff calculation --------- Co-authored-by: Richard chen <99175581+RichardChen820@users.noreply.github.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Validate endpoint by domain name