Built-in filter factory
Here is a simple table of all the filter factories built into Spring Cloud Gateway, which is not very detailed, but can be used as a quick overview. As follows:
Filter factory | function | parameter | AddRequestHeader | Add a Header to the original request | Header name and value | AddRequestParameter | Add request parameters to the original request | Parameter name and value | AddResponseHeader | Add a header to the original response | Header name and value | DedupeResponseHeader | Rejects duplicate values in the response header | The header name and deduplication strategy that need to be deduplicated | Hystrix | Introduce Hystrix's circuit breaker protection for the route | The name of HystrixCommand | FallbackHeaders | Add specific exception information to the request header of the fallbackUri | Header's name | PrefixPath | Add a prefix to the original request path | Prefix path | PreserveHostHeader | Add a preserveHostHeader=true property to the request, which the routing filter checks to decide if you want to send the original Host | not | RequestRateLimiter | Used to throttle requests, the throttling algorithm is a token bucket | keyResolver、rateLimiter、statusCode、denyEmptyKey、emptyKeyStatus | RedirectTo | Redirect the original request to the specified URL | HTTP status code and redirect URL | RemoveHopByHopHeadersFilter | Remove a series of headers prescribed by the IETF organization for the original request | This is enabled by default, and you can specify which headers only to delete through the configuration | RemoveRequestHeader | Delete a header for the original request | Header name | RemoveResponseHeader | Remove a header for the original response | Header name | RewritePath | Rewrite the original request path | The original path regex and the regex of the rewritten path | RewriteResponseHeader | Rewrite a header in the original response | Header name, regular expression of value, rewritten value | SaveSession | Enforce the WebSession::save operation before forwarding the request | not | secureHeaders | Add a series of response headers that act as security to the original response | None, you can modify the values of these security response headers | SetPath | Modify the original request path | Modified path | SetResponseHeader | Modify the value of a header in the original response | Header name, the modified value | SetStatus | Modify the status code of the original response | HTTP status codes, which can be numbers or strings | StripPrefix | Used to truncate the path of the original request | Use numbers to indicate the number of paths to be truncated | Retry | Retry for different responses | retries、statuses、methods、series | RequestSize | Set the size of the maximum requested packets that are allowed to be received. If the request package size exceeds the set value, 413 Payload Too Large is returned | The request package size is in bytes and the default value is 5M | ModifyRequestBody | Modify the original request body content before forwarding the request | The modified request body content | ModifyResponseBody | Modify the contents of the original response body | The modified response body content | Default | Add filters for all routes | Filter factory name and value |
Tips: Each filter factory corresponds to an implementation class, and theseThe name of the class must end with GatewayFilterFactoryThis is a convention of Spring Cloud Gateway, for example, the implementation class corresponding to AddRequestHeader is AddRequestHeaderGatewayFilterFactory. Friends who are interested in the source code can splice specific class names according to this rule to find the implementation code of these built-in filter factories.
1、AddRequestHeader GatewayFilter Factory
Add a header to the original request, configuration example:
Add a request header named X-Request-Foo with a value of Bar to the original request
2、AddRequestParameter GatewayFilter Factory
Add request parameters and values to the original request, configuration example:
Add a parameter named foo with a value of bar to the original request, i.e.: foo=bar
3、AddResponseHeader GatewayFilter Factory
Add a header to the original response, configuration example:
Add a response header named X-Request-Foo with a value of Bar to the original response
4、DedupeResponseHeader GatewayFilter Factory
DedupeResponseHeader can remove duplicate values in response headers based on the configured header name and deduplication policy, which is a new feature provided by Spring Cloud Greenwich SR2 and cannot be used under this version.
WeIf the CORS (Solving Cross-Domain) Header is set on both the Gateway and the microservice, if no configuration is made, then the value of the CORS Header obtained by requesting the -> Gateway -> microservice, it will be like this:
You can see that the values of these two Headers are duplicated, if you want to deduplicate the values of these two Headers, you need to use DedupeResponseHeader, configuration example:
Deduplication Strategy:
- RETAIN_FIRST: Default, keep the first value
- RETAIN_LAST: Keep the last value
- RETAIN_UNIQUE: Keep all unique values in the order they first appeared
If you want to have a more comprehensive understanding of the filter factory, it is recommended to read the source code of the filter factory, because the source code has detailed notes and examples, which is better than the official documentation: org.springframework.cloud.gateway.filter.factory.DedupeResponseHeaderGatewayFilterFactory
5、Hystrix GatewayFilter Factory
Introducing Hystrix's circuit breaker protection for routes, configuration example:
Hystrix is the first generation of fault-tolerant components of Spring Cloud, but it has entered maintenance mode, and Hystrix will be removed by Spring Cloud in the future, replaced by Alibaba Sentinel/Resilience4J. So this article will not go into detail, if you are interested, you can refer to the official documentation: Hystrix GatewayFilter Factory
6、FallbackHeaders GatewayFilter Factory
Also supporting Hystrix, the filter factory described in the previous section supports a configuration parameter: fallbackUri, which is used to forward requests to a specific URI when an exception occurs. The FallbackHeaders filter factory can add a header when forwarding a request to the URI, and the value of this header is the specific exception information. Configuration example:
I won't go into detail here, if you are interested, you can refer to the official documentation: FallbackHeaders GatewayFilter Factory
7、PrefixPath GatewayFilter Factory
Add a prefix path to the original request path, configuration example:
This configuration makes the visit to ${GATEWAY_URL}/hello forwarded tohttps://example.org/mypath/hello
8、PreserveHostHeader GatewayFilter Factory
Add a preserveHostHeader=true property to the request, which the routing filter checks to decide whether to send the original Host Header. Configuration example:
If not set, then the header named Host will be controlled by the Http Client
9、RequestRateLimiter GatewayFilter Factory
It is used to throttle requests, and the throttling algorithm is a token bucket. Configuration example:
10、RedirectTo GatewayFilter Factory
Redirect the original request to the specified URL, configuration example:
This configuration makes access to ${GATEWAY_URL}/hello redirected to https://acme.org/hello , and carry oneLocation:http://acme.orgHeader, while the HTTP status code that returns the client is 302
Notes:
The HTTP status code should be 3xx, e.g. 301
The URL must be a legitimate URL that serves as the value of the Location Header
11、RemoveHopByHopHeadersFilter GatewayFilter Factory
For the original request to remove a series of headers specified by the IETF organization, the default deleted headers are as follows:
- Connection
- Keep-Alive
- Proxy-Authenticate
- Proxy-Authorization
- TE
- Trailer
- Transfer-Encoding
- Upgrade
You can specify which headers are only deleted through the configuration, configuration example:
12、RemoveRequestHeader GatewayFilter Factory
To remove a header for the original request, configure an example:
Remove the request header named X-Request-Foo from the original request
13、RemoveResponseHeader GatewayFilter Factory
To remove a header for the original response, configure an example:
Remove the response header named X-Request-Foo from the original response
14、RewritePath GatewayFilter Factory
Overriding the original request path with a regular expression, configuration example:
This configuration allows access to /foo/bar to rewrite the path to /bar and forward it, i.e. forwarded to https://example.org/bar。 Note that due to YAML syntax, $\ needs to be used instead of $
15、RewriteResponseHeader GatewayFilter Factory
Rewrite a header in the original response, configuration example:
The significance of this configuration is that if the value of X-Response-Foo in the response header is /42?user=ford&password=omg!what&flag=true, then it will be rewritten to /42?user=ford&password=***&flag=true according to the configured value, that is, the password=omg!what will be rewritten to password=***
16、SaveSession GatewayFilter Factory
Before forwarding the request, enforce the WebSession::save operation, configuration example:
It is mainly used for deferred data storage (data is not persisted immediately) like Spring Session, and wants to ensure that session state is saved before the request is forwarded. If you integrate Spring Secutiry into Spring Session and want to ensure that all security information is transmitted to downstream machines, you need to configure this filter.
17、secureHeaders GatewayFilter Factory
The secureHeaders filter factory is mainly based on the recommendations in this blog, adding a series of response headers that play a security role in the original response. By default, the following Headers (including values) are added:
- X-Xss-Protection:1; mode=block
- Strict-Transport-Security:max-age=631138519
- X-Frame-Options:DENY
- X-Content-Type-Options:nosniff
- Referrer-Policy:no-referrer
- Content-Security-Policy:default-src 'self' https:; font-src 'self' https: data:; img-src 'self' https: data:; object-src 'none'; script-src https:; style-src 'self' https: 'unsafe-inline'
- X-Download-Options:noopen
- X-Permitted-Cross-Domain-Policies:none
If you want to modify the values of these Headers, then you need to use the corresponding suffixes of these Headers, as follows:
- xss-protection-header
- strict-transport-security
- frame-options
- content-type-options
- referrer-policy
- content-security-policy
- download-options
- permitted-cross-domain-policies
Configuration example:
If you want to disable certain headers, you can use the following configuration:
18、SetPath GatewayFilter Factory
Modify the original request path and configure an example:
This configuration makes it forwarded to ${GATEWAY_URL}/foo/bar when accessedhttps://example.org/bar , that is, the original /foo/bar was changed to /bar
19、SetResponseHeader GatewayFilter Factory
Modify the value of a header in the original response, configure an example:
Modify the value of X-Response-Foo in the original response to Bar
20、SetStatus GatewayFilter Factory
Modify the status code of the original response, configuration example:
The value of SetStatusd can be either a number or a string. But it must be the value in the Spring HttpStatus enumeration class. Both of the above configurations can return the HTTP status code 401.
21、StripPrefix GatewayFilter Factory
For truncating the path of the original request, configuration example:
As shown in the above configuration, if the requested path is /name/bar/foo, then it will be truncated to /foo and forwarded, that is, 2 paths will be truncated.
22、Retry GatewayFilter Factory
Retry for different responses, e.g. for HTTP status codes, configuration example:
The following parameters can be configured:
- retries: The number of retries
- statuses: The status code that needs to be retried, set in org.springframework.http.HttpStatus
- methods: The request method that needs to be retried, with a value in org.springframework.http.HttpMethod
- series:HTTP status code sequence, with a value in org.springframework.http.HttpStatus.Series
23、RequestSize GatewayFilter Factory
Set the size of the maximum request packets allowed to be received, configuration example:
If the request package size exceeds the set value, a 413 Payload Too Large is returned along with an errorMessage
24、Modify Request Body GatewayFilter Factory
Modify the original request body content before forwarding the request, the filter factory can only be configured by code, not in the configuration file. Code example:
Tips: This filter factory is in BETA state, and the API may change in the future.Please use the production environment with caution
25、Modify Response Body GatewayFilter Factory
The filter factory can also be used to modify the contents of the original response body, and the filter factory can only be configured by code, not in the configuration file. Code example:
Tips: This filter factory is in BETA state, the API may change in the future, please use it with caution in the production environment
26、Default Filters
Default Filters is used to add a filter factory to all routes, that is, to say, to passThe filter factory configured by the Default Filter will apply to all routes。 Configuration example:
(End)
|
Posted on 2/7/2022 1:36:49 PM
|
|
|
