Spring Cloud Gateway - 过滤法则

作者: Anoyi

2019-11-16 14:19

1、AddRequestHeader GatewayFilter Factory

输入两个参数:Header Name、Value,向下游请求地址添加 Header 信息,示例配置:

spring:
  cloud:
    gateway:
      routes:
      - id: add_request_header_route
        uri: https://anoyi.com
        filters:
        - AddRequestHeader=X-Request-Foo, Bar

AddRequestHeader 结合 Path 路由,再添加 Header 信息,示例配置:

spring:
  cloud:
    gateway:
      routes:
      - id: add_request_header_route
        uri: https://anoyi.com
        predicates:
        - Path=/foo/{segment}
        filters:
        - AddRequestHeader=X-Request-Foo, Bar-{segment}

2、AddRequestParameter GatewayFilter Factory

输入两个参数:Request Query Name、Value,向下游请求地址添加 URL 参数信息,示例配置:

spring:
  cloud:
    gateway:
      routes:
      - id: add_request_parameter_route
        uri: https://anoyi.com
        filters:
        - AddRequestParameter=foo, bar

AddRequestParameter 结合 Host 路由,再添加 URL 参数信息,示例配置:

spring:
  cloud:
    gateway:
      routes:
      - id: add_request_parameter_route
        uri: https://anoyi.com
        predicates:
        - Host: {segment}.anoyi.io
        filters:
        - AddRequestParameter=foo, bar-{segment}

5、AddResponseHeader GatewayFilter Factory

输入两个参数:Header Name、Value,下游请求完成后在 Response 添加 Header 信息,示例配置:

spring:
  cloud:
    gateway:
      routes:
      - id: add_response_header_route
        uri: https://anoyi.com
        filters:
        - AddResponseHeader=X-Response-Foo, Bar

6、DedupeResponseHeader GatewayFilter Factory

输入两个参数:Header Name、Strategy【可选】,Header Name 可以多个,用空格隔开,示例配置:

spring:
  cloud:
    gateway:
      routes:
      - id: dedupe_response_header_route
        uri: https://anoyi.com
        filters:
        - DedupeResponseHeader=Access-Control-Allow-Credentials Access-Control-Allow-Origin

如上所示,当下游和 Spring Cloud Gateway 都设置跨域时,将在 Response Header 中移除重复的 Access-Control-Allow-CredentialsAccess-Control-Allow-Origin

strategy 可设置的值以及配置方式如下:

  • RETAIN_FIRST:保留第一个值【默认】
  • RETAIN_LAST:保留最后一个值
  • RETAIN_UNIQUE:保留所有唯一值,以它们第一次出现的顺序保留
spring:
  cloud:
    gateway:
      routes:
      - id: dedupe_response_header_route
        uri: https://anoyi.com
        filters:
        - DedupeResponseHeader=Access-Control-Allow-Credentials Access-Control-Allow-Origin, RETAIN_LAST

参考文档:DedupeResponseHeaderGatewayFilterFactory

7、MapRequestHeader GatewayFilter Factory

输入两个参数:Header1、Header2,将上游 Header1 的值赋值到下游 Header2,示例配置:

spring:
  cloud:
    gateway:
      routes:
      - id: map_request_header_route
        uri: https://example.org
        filters:
        - MapRequestHeader=Bar, X-Request-Foo

8、PrefixPath GatewayFilter Factory

输入一个参数:prefix,在请求路径中添加前缀路径,示例配置:

spring:
  cloud:
    gateway:
      routes:
      - id: prefixpath_route
        uri: https://example.org
        filters:
        - PrefixPath=/mypath

如上所示,/hello 请求会转发到下游的 /mypath/hello

9、【待补充】RequestRateLimiter GatewayFilter Factory

请求频率控制,示例配置:


参考文档:requestratelimiter-gatewayfilter-factory

10、RedirectTo GatewayFilter Factory

输入两个参数:Status Code、URL,将在 Response 中把 URL 赋值给 Location 属性,示例配置:

spring:
  cloud:
    gateway:
      routes:
      - id: prefixpath_route
        uri: https://anoyi.com
        filters:
        - RedirectTo=302, https://anoyi.org

Status Code 需要为 300 系列的重定向值,比如 301 等

11、RemoveHopByHopHeadersFilter GatewayFilter Factory

默认删除的 Headers 如下:

  • Connection
  • Keep-Alive
  • Proxy-Authenticate
  • Proxy-Authorization
  • TE
  • Trailer
  • Transfer-Encoding
  • Upgrade

如需更改此选项,配置 spring.cloud.gateway.filter.remove-non-proxy-headers.headers 即可

12、RemoveRequestHeader GatewayFilter Factory

输入一个参数:Header Name,请求下游前移除指定 Header,示例配置:

spring:
  cloud:
    gateway:
      routes:
      - id: removerequestheader_route
        uri: https://anoyi.com
        filters:
        - RemoveRequestHeader=X-Request-Foo

13、RemoveResponseHeader GatewayFilter Factory

输入一个参数:Header Name,下游请求完毕后移除 Response 指定 Header,示例配置:

spring:
  cloud:
    gateway:
      routes:
      - id: removeresponseheader_route
        uri: https://anoyi.com
        filters:
        - RemoveResponseHeader=X-Response-Foo

14、 RemoveRequestParameter GatewayFilter Factory

输入一个参数:Query Name,请求下游前移除指定 Query Name,示例配置:

spring:
  cloud:
    gateway:
      routes:
      - id: removerequestparameter_route
        uri: https://anoyi.com
        filters:
        - RemoveRequestParameter=foo

15、RewritePath GatewayFilter Factory

输入两个参数:正则表达式、替代值,匹配请求路径并按指定规则替换,示例配置:

spring:
  cloud:
    gateway:
      routes:
      - id: rewritepath_route
        uri: https://anoyi.com
        predicates:
        - Path=/foo/**
        filters:
        - RewritePath=/foo(?<segment>/?.*), $\{segment}

如上所以,如果请求 /foo/bar,则请求下游时 Path 会被修改为 /bar ,注意 $\ 是 YAML 语法的需求

16、RewriteLocationResponseHeader GatewayFilter Factory

输入四个参数:stripVersionModelocationHeaderNamehostValueprotocolsRegex,修改 Response Header 的 Location,示例配置:

spring:
  cloud:
    gateway:
      routes:
      - id: rewritelocationresponseheader_route
        uri: http://anoyi.com
        filters:
        - RewriteLocationResponseHeader=AS_IN_REQUEST, Location, ,

如上所示,一个请求 POST api.anoyi.com/some/object/name, Response header Location 的值 prod.anoyi.com/v2/some/object/id 将被改为 api.anoyi.com/some/object/id

参数 stripVersionMode 可选值如下:

  • NEVER_STRIP:版本信息不会被剥离,即使原始请求路径不包含版本
  • AS_IN_REQUEST:仅当原始请求路径不包含任何版本时,才会剥离版本【默认】
  • ALWAYS_STRIP:即使原始请求路径包含版本,也会剥离版本

参数 hostValue,如果提供,会替换 Response Header Location 值中的 host:port 部分;如果不提供,则会使用 Request 的 Host 作为默认值

参数 protocolRegex,协议会与该值匹配,如果不匹配,过滤器不回做任何操作,默认值 http|https|ftp|ftps

17、RewriteResponseHeader GatewayFilter Factory

输入三个参数:Response Header Name、正则表达式、替换值,匹配指定 Response Header 的值并替换,示例配置:

spring:
  cloud:
    gateway:
      routes:
      - id: rewriteresponseheader_route
        uri: https://anoyi.com
        filters:
        - RewriteResponseHeader=X-Response-Foo, , password=[^&]+, password=***

如上所示,假设 X-Response-Foo 值为 /42?user=ford&password=omg!what&flag=true,会被重置为 /42?user=ford&password=***&flag=true

18、【待补充】SaveSession GatewayFilter Factory

示例配置:

spring:
  cloud:
    gateway:
      routes:
      - id: save_session
        uri: https://anoyi.com
        predicates:
        - Path=/foo/**
        filters:
        - SaveSession

19、SecureHeaders GatewayFilter Factory

依据 Everything you need to know about HTTP security headers 这篇文章,该过滤器在 Response 中添加了一系列 Header 及默认值:

  • X-Xss-Protection:1; mode=block
  • Strict-Transport-Security:max-age=631138519
  • X-Frame-Options:DENY
  • X-Content-Type-Options:nosniff
  • Referrer-Policy:no-referrer
  • Content-Security-Policy:default-src 'self' https:; font-src 'self' https: data:; img-src 'self' https: data:; object-src 'none'; script-src https:; style-src 'self' https: 'unsafe-inline'
  • X-Download-Options:noopen
  • X-Permitted-Cross-Domain-Policies:none

如需修改默认值,可以通过 spring.cloud.gateway.filter.secure-header 命名空间来设置:

  • xss-protection-header
  • strict-transport-security
  • frame-options
  • content-type-options
  • referrer-policy
  • content-security-policy
  • download-options
  • permitted-cross-domain-policies

禁用默认 Header 可以配置 spring.cloud.gateway.filter.secure-headers.disable,示例:

spring.cloud.gateway.filter.secure-headers.disable=frame-options,download-options

20、SetPath GatewayFilter Factory

输入一个参数:template,匹配 Spring Framework URI 路径模板并修改,允许多个匹配,示例配置:

spring:
  cloud:
    gateway:
      routes:
      - id: setpath_route
        uri: https://anoyi.com
        predicates:
        - Path=/foo/{segment}
        filters:
        - SetPath=/{segment}

如上所示,请求 /foo/bar 会被设置为 /bar 到下游

21、SetRequestHeader GatewayFilter Factory

输入两个参数:Header Name、Value,设置指定的 Request Header 信息,示例配置:

spring:
  cloud:
    gateway:
      routes:
      - id: setrequestheader_route
        uri: https://anoyi.com
        filters:
        - SetRequestHeader=X-Request-Foo, Bar

AddRequestHeader GatewayFilter Factory 不同的是,这是替换 Header 而不是添加

22、SetResponseHeader GatewayFilter Factory

输入两个参数:Header Name、Value,设置指定的 Response Header 信息,示例配置:

spring:
  cloud:
    gateway:
      routes:
      - id: setresponseheader_route
        uri: https://example.org
        filters:
        - SetResponseHeader=X-Response-Foo, Bar

23、SetStatus GatewayFilter Factory

输入一个参数:status,设置 Response 的返回码,示例配置:

spring:
  cloud:
    gateway:
      routes:
      - id: setstatusstring_route
        uri: https://anoyi.com
        filters:
        - SetStatus=BAD_REQUEST
      - id: setstatusint_route
        uri: https://anoyi.com
        filters:
        - SetStatus=401

如上所示,setstatusstring_route 的值为 Spring HttpStatus 枚举,setstatusint_route 的值为整型数字

如需返回下游的 Response Status Code,可以这样配置:

spring:
  cloud:
    gateway:
      set-status:
        original-status-header-name: original-http-status

24、StripPrefix GatewayFilter Factory

输入一个参数:parts,parts 值为正整数,剥离部分请求路径,示例配置:

spring:
  cloud:
    gateway:
      routes:
      - id: nameRoot
        uri: https://anoyi.com
        predicates:
        - Path=/name/**
        filters:
        - StripPrefix=2

如上所示,请求路径 /name/foo/bar,会剥离前面 2 级路径 /name/foo,最终请求到 https://anoyi.com/bar

25、Retry GatewayFilter Factory

该过滤器用于重试请求,支持如下参数的配置:

  • retries: 重试的次数

  • statuses: 应被重试的 HTTP Status Codes,参考 org.springframework.http.HttpStatus

  • methods: 应被重试的 HTTP Methods,参考org.springframework.http.HttpMethod

  • series: 应被重试的 Status Codes 系列,参考 org.springframework.http.HttpStatus.Series

  • exceptions: 应被重试的异常列表

  • backoff: 为重试配置指数级的 backoff。重试时间间隔的计算公式为 firstBackoff * (factor ^ n),n 是重试的次数;如果设置了 maxBackoff,最大的 backoff 限制为 maxBackoff. 如果 basedOnPreviousValue 设置为 true, backoff 计算公式为 prevBackoff * factor.

如果 Retry filter 启用,默认配置如下:

  • retries — 3 times
  • series — 5XX series
  • methods — GET method
  • exceptions — IOException and TimeoutException
  • backoff — disabled

示例配置:

spring:
  cloud:
    gateway:
      routes:
      - id: retry_test
        uri: http://localhost:8080/anoyi
        predicates:
        - Host=*.anoyi.com
        filters:
        - name: Retry
          args:
            retries: 3
            statuses: BAD_GATEWAY
            backoff:
              firstBackoff: 10ms
              maxBackoff: 50ms
              factor: 2
              basedOnPreviousValue: false

26、 RequestSize GatewayFilter Factory

限制请求到下游服务的 RequestSize,示例配置:

spring:
  cloud:
    gateway:
      routes:
      - id: request_size_route
        uri: http://localhost:8080/upload
        predicates:
        - Path=/upload
        filters:
        - name: RequestSize
          args:
            maxSize: 5000000

27、Default Filters

为所有的路由配置过滤器,可以设置 spring.cloud.gateway.default-filters,示例配置:

spring:
  cloud:
    gateway:
      default-filters:
      - AddResponseHeader=X-Response-Default-Foo, Default-Bar
      - PrefixPath=/httpbin
看法

看法

昵称
邮箱