Home > Back-end >  How to whitelist an optional cookie using regex in skipper-filter of zalando
How to whitelist an optional cookie using regex in skipper-filter of zalando

Time:10-15

I'd like to modify a Cookie RequestHeader using a regex to prevent sending too many cookies to the server, because the server wil simply drop the request on too large headers. However, I don't want to drop all the cookies, because I still niet the 'authorization' cookie. That being said, not all request contain the 'authorization' cookie.

# example cookie A:
foo=bar;authorization=jwt;more=bla

#example cookie B:
foo=bar;more=bla

Using zalando's skipper filter, I can modify the request header like so:

zalando.org/skipper-filter: modRequestHeader("Cookie", "^(.*)(authorization=.[^;] ;)(.*)$", "$2")

This will work in case of A, but not in case of B, as then I'll get ALL the cookies instead of NONE.

So how do I modify the regex to fix it to work in both cases?

EDIT: Thanks @Wiktor

I ended up with this working solution, as a single cookie didn't need a trailing semicolon:

zalando.org/skipper-filter: modRequestHeader("Cookie", "^(?:(.*)(authorization=[^;] )(.*)|. )$", "$2")

CodePudding user response:

The easiest approach to erase a string with no match is by adding a . alternative:

^(?:(.*)(authorization=[^;] ;)(.*)|. )$

See the regex demo. Details:

  • ^ - start of string
  • (?: - start of a non-capturing group:
    • (.*) - Group 1: any zero or more chars other than line break chars, as many as possible
    • (authorization=[^;] ;) - Group 2: authorization= string and hen one or more chars other than ; and then a ;
    • (.*) - Group 3: any zero or more chars other than line break chars, as many as possible -| - or
    • . - any one or more chars other than line break chars, as many as possible
  • ) - end of the non-capturing group
  • $ - end of string.

Another way is to match the authorization part inside an optional group making the first dot pattern lazy:

^(.*?)(?:(authorization=[^;] ;)(.*))?$

See this regex demo. As the whole non-matching string will land in Group 1, replacing with $2 will still yield an empty output.

Details:

  • (.*?) - Group 1: any zero or more chars other than line break chars as few as possible
  • (?:(authorization=[^;] ;)(.*))? - an optional non-capturing group
    • (authorization=[^;] ;) - Group 2: authorization=, one or more non-semicolons and a ; char
    • (.*) - Group 3: any zero or more chars other than line break chars as many as possible

If you do not need to access the Group 3 value, remove the parentheses from the last .*.

Page link:https//www.codepudding.com/Backend/152725.html

Prev:Convert regex pattern to LL1 parser
Next:Optimize byte array escaping performance python
  • Related

About Us:  Contact Us      Terms of Service       Privacy Policy

Copyright © 2010-2023,Powered By CodePudding