This topic describes the path normalization policies available in Service Mesh (ASM) and how to configure them.
Background
In a Service Mesh, an HTTP request path is critical to request processing. If a request path is not in a standard format, the sidecar proxy might reject it, potentially causing security vulnerabilities for services in the cluster. In Service Mesh (ASM), you can configure a path normalization policy to ensure HTTP request paths are consistent and standardized across your service mesh. Based on the selected policy, the sidecar proxy normalizes the HTTP request path in different ways.
Procedure
-
Log on to the ASM console. In the left-side navigation pane, choose .
-
On the Mesh Management page, click the name of the target instance. On the Base Information page, find Config Info in the Path Normalization Policy section and click Edit.
-
In the dialog box, select a path normalization policy and click OK. The following table describes the available path normalization policies.
Policy
Description
NONE
No path normalization is applied.
BASE
Normalizes paths according to RFC 3986. For example,
/a/../bis normalized to/b.MERGE_SLASHES
In addition to the BASE policy, this policy merges adjacent slashes. For example,
/a//bis normalized to/a/b.DECODE_AND_MERGE_SLASHES
In addition to the MERGE_SLASHES policy, this policy first percent-decodes characters in the path and then merges adjacent slashes. This means that only percent-encoded slash (
%2F) and backslash (%5C) characters are decoded. Other characters, such as%21, are not affected. This process converts%2Fto/and%5Cto \. For example,/a%2Fbis normalized to/a/b.