fix(var): patch set_header (#97) (#104)

patch the `req.set_header` function to invalidate the relevant `variable_index` entry for the modified header.
Specifically, after normalizing the header name, the corresponding `variable_index` entry is set to `nil`.
This ensures that subsequent accesses to `ngx.var.http_*` variables will bypass the cached index and fetch
the updated header value.

same fix way as: #59

Fix: KAG-5963
Fix: FTI-6406

Signed-off-by: tzssangglass <[email protected]>

Author: tzssangglass

.github/workflows/tests.yml

@@ -5,7 +5,7 @@ on:
   push:
 
 env:
-  KONG_VERSION: master
+  KONG_VERSION: release/3.9.x
   BUILD_ROOT: ${{ github.workspace }}/kong/bazel-bin/build
 
 concurrency:

.luacheckrc

@@ -20,6 +20,9 @@ globals = {
         req = {
             set_uri_args = {
                 read_only = false
+            },
+            set_header = {
+                read_only = false
             }
         }
     }

lualib/resty/kong/var.lua

@@ -24,7 +24,10 @@ local NGX_DECLINED = ngx.DECLINED
 
 local variable_index = {}
 local metatable_patched
+local str_replace_char
+local replace_dashes_lower
 
+local HTTP_PREFIX = "http_"
 
 --Add back if stream module is implemented to aid readability
 --see bottom of: https://luajit.org/ext_ffi_tutorial.html
@@ -50,6 +53,11 @@ if subsystem == "http" then
     --ngx_lua_kong_ffi_var_get_by_index = C.ngx_http_lua_kong_ffi_var_get_by_index
     --ngx_lua_kong_ffi_var_set_by_index = C.ngx_http_lua_kong_ffi_var_set_by_index
     --ngx_lua_kong_ffi_var_load_indexes = C.ngx_http_lua_kong_ffi_var_load_indexes
+    
+    str_replace_char = require("resty.core.utils").str_replace_char
+    replace_dashes_lower = function(str)
+        return str_replace_char(str:lower(), "-", "_")
+    end
 end
 
 
@@ -159,6 +167,16 @@ local function patch_functions()
     variable_index.args = nil
     return orig_set_uri_args(...)
   end
+  
+  local orig_set_header = req.set_header
+
+  req.set_header = function(name, value)
+    local normalized_header = replace_dashes_lower(name)
+    normalized_header = HTTP_PREFIX .. normalized_header
+    variable_index[normalized_header] = nil
+
+    return orig_set_header(name, value)
+  end
 end
 
 

t/005-indexed-var-openresty-suites.t

@@ -9,7 +9,8 @@ use Test::Nginx::Socket::Lua;
 
 repeat_each(2);
 
-plan tests => repeat_each() * (blocks() * 2 + 9 + 4 + 3);
+plan tests => repeat_each() * (blocks() * 2 + 9 + 4 + 3 + 3);
+
 
 #no_diff();
 #no_long_string();
@@ -387,3 +388,57 @@ foo=bar&added=yes
 [error]
 [crit]
 [alert]
+
+
+
+=== TEST 14: patch metatable does not invalidate function req.set_header
+--- http_config
+    lua_package_path "../lua-resty-core/lib/?.lua;lualib/?.lua;;";
+    lua_kong_load_var_index default;
+
+    init_by_lua_block {
+        require("resty.kong.var").patch_metatable()
+    }
+
+--- config
+    location /auth {
+        content_by_lua_block {
+            ngx.say(ngx.var.http_authorization)
+            ngx.req.set_header("Authorization", "foo")
+            ngx.say(ngx.var.http_authorization)
+            ngx.req.set_header("Authorization", "bar")
+            ngx.say(ngx.var.http_authorization)
+            ngx.req.set_header("Authorization", "baz")
+            ngx.say(ngx.var.http_authorization)
+            ngx.req.set_header("Authorization", "qux")
+            ngx.say(ngx.var.http_authorization)
+            
+            ngx.say(ngx.var.http_kong_debug)
+            ngx.req.set_header("Kong-Debug", "true")
+            ngx.say(ngx.var.http_kong_debug)
+            ngx.req.set_header("Kong-Debug", "false")
+            ngx.say(ngx.var.http_kong_debug)
+            ngx.req.set_header("Kong-Debug", "true")
+            ngx.say(ngx.var.http_kong_debug)
+            ngx.req.set_header("Kong-Debug", "false")
+            ngx.say(ngx.var.http_kong_debug)
+        }
+    }
+
+--- request
+GET /auth
+--- response_body
+nil
+foo
+bar
+baz
+qux
+nil
+true
+false
+true
+false
+--- no_error_log
+[error]
+[crit]
+[alert]