Comments (5)
Also by checking a similiar bug, this was discussed here dotnet/aspnetcore#14745 although the authors of the grpc dont consider it to be correct to send the :scheme that way and are not planning to ease validation. I am not sure when is the scheme build, but it would make sence to specify it somewhere in the Transformer (or have the ability to prepend https:// or http:// ) I
from linkerd.
Thanks, @MartinKosicky! Yes, I think you are correct that Linkerd should set the :scheme pseudoheader to http
or https
as appropriate when proxying the request rather than just forwarding the existing value.
from linkerd.
I'm experiencing exactly the same problem, the only difference is that client connecting to the Linkerd sidecar without TLS and then Linkerd setup secure connection to the remote service:
Microsoft.AspNetCore.Server.Kestrel[35]
Trace id "0HM40TS2KM45M:00000005": HTTP/2 stream error "PROTOCOL_ERROR". A Reset is being sent to the stream.
Microsoft.AspNetCore.Connections.ConnectionAbortedException: The request :scheme header 'http' does not match the transport scheme 'https'.
from linkerd.
@astryia thanks for the confirmation.
If you're interested in contributing a PR, we'd love to have a fix for this.
from linkerd.
I think this is dotnet/aspnetcore#30532
from linkerd.
Related Issues (20)
- GC log is rotated too often on Java >= 9
- Failure detector closes connection if linkerd receives data faster than it can write HOT 7
- pull-destination-proto.sh should use a pinned version
- linkerd tap tls error HOT 2
- Linkerd sporadically stops watching remote addresses in Namerd with thrift interpreter HOT 3
- Future of Linkerd 1.x HOT 3
- Name resolution for endpoints with io.l5d.fs namer HOT 1
- Services and opaque ports HOT 1
- Require image for ARM64 architecture HOT 1
- Does Linkerd implement SPIFFE ID? HOT 1
- Feature: DNS filtering HOT 3
- Assess Linkerd 1.x vulnerability to CVE-2021-44228 HOT 8
- Mitigating log4j vulnerability in linkerd1 HOT 1
- Request upgrade of all log4j 1.x to at least log4j 2.17.1, or patch vulnerabilities HOT 7
- We are running Namerd & Consul cluster in our environment ,getting below error frequently and that break application communication
- serverSession: idleTimeMs times out while there is activity
- Drop capabilities HOT 1
- Namerd version admin port HOT 2
- ZooKeeper server set namer `io.l5d.serversets` appears to leak ZooKeeper watches HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from linkerd.