HeaderRewrites

microgateway.airlock.com/v1alpha1

HeaderRewrites is the Schema for the headerrewrites API

apiVersion: microgateway.airlock.com/v1alpha1
kind: HeaderRewrites
metadata:
  name: header-rewrites-example
spec:
  request:
    allow:
      matchingHeaders:
        # Drop all request headers except "X-CSRF-TOKEN" and those in the built-in
        # standard header allow list (Accept, Cookie, etc.) to reduce the attack surface.
        builtIn:
          standardHeaders: true
        custom:
          - name: Allow X-CSRF-Token header
            headers:
              - name:
                  matcher:
                    exact: X-CSRF-TOKEN
    remove:
      # Remove the "X-Forwarded-Host" header and those in the built-in
      # alternative forwarded headers list from the request.
      builtIn:
        alternativeForwardedHeaders: true
      custom:
        - name: Remove X-Forwarded-Host
          headers:
            - name:
                matcher:
                  exact: X-Forwarded-Host
    add:
      # Inject a custom header into the request.
      custom:
        - name: Add headers with TLS information of the downstream connection
          headers:
            - name: X-TLS-DOWNSTREAM-PEER-CERT
              value: "%DOWNSTREAM_PEER_CERT%"
          mode: OverwriteOrAdd
  response:
    allow:
      # Allow all response headers.
      allHeaders: {}
    remove:
      # Remove the headers in the built-in auth basic list from the response.
      builtIn:
        auth:
          basic: true
    add:
      # Inject a custom header into the response.
      custom:
        - name: Add application version as header
          headers:
            - name: X-APP-VERSION
              value: "3.7.4"
          mode: OverwriteOrAdd

apiVersion: microgateway.airlock.com/v1alpha1
kind: HeaderRewrites
metadata:
  name: default
spec: 
  settings: 
    operationalMode: Production
  request: 
    allow: 
      matchingHeaders: 
        builtIn: 
          standardHeaders: true
    remove: 
      builtIn: 
        alternativeForwardedHeaders: true
    add: {}
  response: 
    allow: 
      allHeaders: {}
    remove: 
      builtIn: 
        informationLeakage: 
          server: true
          application: true
        auth: 
          basic: false
          ntlm: true
          negotiate: true
        permissiveCors: true
    add: 
      builtIn: 
        xFrameOptions: true
        hsts: true
        hstsPreload: false
        csp: true
        xContentTypeOptions: true
        referrerPolicy: true
        featurePolicy: false
        permissionsPolicy: true

HeaderRewrites

Field	Type	Description	Required	Default	Allowed Values
`metadata`	ObjectMeta	Refer to Kubernetes API documentation for fields of `metadata`	yes
spec	object	Specification of the desired header rewriting behavior.	no

HeaderRewrites.spec

Field	Type	Description	Required
request	object	Request defines manipulations on upstream request headers.	no
response	object	Response defines manipulations on upstream response headers.	no
settings	object	Settings configures the HeaderRewrites filter.	no

HeaderRewrites.spec.request

Field	Type	Description	Required	Default	Allowed Values
add	object	Add defines which request headers will be added before forwarding to the upstream.	no
allow	object	Allow defines which request headers will be forwarded to the upstream. This can either be allHeaders or matchingHeaders. Default: matchingHeaders: {…}	no	`matchingHeaders{...}`	`allHeaders{}`, `matchingHeaders{}`
remove	object	Remove defines which request headers will be removed before forwarding to the upstream.	no

HeaderRewrites.spec.request.add

Field	Type	Description	Required	Default	Allowed Values
custom	object[]	Custom allows configuring additional upstream request headers. Add selected headers.	no

HeaderRewrites.spec.request.add.custom[]

Field	Type	Description	Required	Default	Allowed Values
headers	object[]	Headers to add.	yes
`mode`	enum	Mode defines the header addition strategy.	no	`AddIfAbsent`	`AddIfAbsent`, `OverwriteOrAdd`
`name`	string	Name describing the configured operation.	yes

HeaderRewrites.spec.request.add.custom[].headers[]

Field	Type	Description	Required	Default	Allowed Values
`name`	string	Name defines the name of a header.	yes
`value`	string	Value defines the value of a header.	yes

HeaderRewrites.spec.request.allow

Field	Type	Description	Required	Default	Allowed Values
allHeaders	object	AllHeaders specifies that all request headers should be forwarded.	no
matchingHeaders	object	MatchingHeaders specifies which request headers should be forwarded.	no

HeaderRewrites.spec.request.allow.matchingHeaders

Field	Type	Description	Required	Default	Allowed Values
builtIn	object	BuiltIn allows configuring a set of predefined upstream request headers.	no
custom	object[]	Custom allows configuring additional upstream request headers.	no

HeaderRewrites.spec.request.allow.matchingHeaders.builtIn

Field	Type	Description	Required	Default	Allowed Values
`standardHeaders`	bool	StandardHeaders defines whether the request headers which are forwarded to the upstream will be restricted to a set of common request headers. Allows headers: `Accept` `Accept-Charset` `Accept-Language` `Access-Control-Request-Headers` `Access-Control-Request-Method` `Authorization` `Cache-Control` `Content-Length` `Content-Type` `Connection` (if value matches: `Upgrade`) `Cookie` `DNT` `Host` `If-Match` `If-Modified-Since` `If-None-Match` `If-Range` `If-Unmodified-Since` `Last-Event-ID` `Origin` `Pragma` `Range` `Referer` `Sec-Metadata` `Sec-WebSocket-Extensions` `Sec-WebSocket-Key` `Sec-WebSocket-Protocol` `Sec-WebSocket-Version` `SOAPAction` `UA-CPU` `Upgrade` (if value matches: `websocket`) `Upgrade-Insecure-Requests` `User-Agent` `Via` `X-Correlation-ID` `X-Do-Not-Track` `X-Requested-With` `X-Request-ID` `X-Same-Domain` `X-WAP-Profile` `X-WAP-Profile-Diff`	no	`true`	`true`, `false`

HeaderRewrites.spec.request.allow.matchingHeaders.custom[]

Field	Type	Description	Required	Default	Allowed Values
headers	object[]	Headers to allow.	yes
`name`	string	Name describing the configured operation. Must be unique.	yes

HeaderRewrites.spec.request.allow.matchingHeaders.custom[].headers[]

Field	Type	Description	Required	Default	Allowed Values
name	object	Name defines the name of a header.	no
value	object	Value defines the value of a header.	no

HeaderRewrites.spec.request.allow.matchingHeaders.custom[].headers[].name

Field	Type	Description	Required	Default	Allowed Values
matcher	object	Matcher defines the way to match a string. In comparison to a normal StringMatcher, a value is always matched ignoring the case and can’t be inverted.	yes		`exact{}`, `prefix{}`, `suffix{}`, `regex{}`, `contains{}`

HeaderRewrites.spec.request.allow.matchingHeaders.custom[].headers[].name.matcher

Field	Type	Description	Required
`contains`	string	Contains defines a substring match on the substring specified here. Empty contains match is not allowed, please use regex instead. Only one of exact, prefix, suffix, regex or contains can be set.	no
`exact`	string	Exact defines an explicit match on the string specified here. Only one of exact, prefix, suffix, regex or contains can be set.	no
`prefix`	string	Prefix defines a prefix match on the prefix specified here. Empty prefix is not allowed, please use regex instead. Only one of exact, prefix, suffix, regex or contains can be set.	no
`regex`	string	Regex defines a regex match on the regular expression specified here. Google’s RE2 regex engine is used. The regex matches only single-line by default, even with “.*”. To match a multi-line string prepend (?s) to your regex. Only one of exact, prefix, suffix, regex or contains can be set.	no
`suffix`	string	Suffix defines a suffix match on the suffix specified here. Empty suffix is not allowed, please use regex instead. Only one of exact, prefix, suffix, regex or contains can be set.	no

HeaderRewrites.spec.request.allow.matchingHeaders.custom[].headers[].value

Field	Type	Description	Required	Default	Allowed Values
matcher	object		yes		`exact{}`, `prefix{}`, `suffix{}`, `regex{}`, `contains{}`

HeaderRewrites.spec.request.allow.matchingHeaders.custom[].headers[].value.matcher

Field	Type	Description	Required	Default	Allowed Values
`contains`	string	Contains defines a substring match on the substring specified here. Empty contains match is not allowed, please use regex instead. Only one of exact, prefix, suffix, regex or contains can be set.	no
`exact`	string	Exact defines an explicit match on the string specified here. Only one of exact, prefix, suffix, regex or contains can be set.	no
`ignoreCase`	bool	IgnoreCase indicates whether the matching should be case-insensitive. In case of a regex match, the regex gets wrapped with a group `(?i:...)`.	no	`false`	`true`, `false`
`prefix`	string	Prefix defines a prefix match on the prefix specified here. Empty prefix is not allowed, please use regex instead. Only one of exact, prefix, suffix, regex or contains can be set.	no
`regex`	string	Regex defines a regex match on the regular expression specified here. Google’s RE2 regex engine is used. The regex matches only single-line by default, even with “.*”. To match a multi-line string prepend (?s) to your regex. Only one of exact, prefix, suffix, regex or contains can be set.	no
`suffix`	string	Suffix defines a suffix match on the suffix specified here. Empty suffix is not allowed, please use regex instead. Only one of exact, prefix, suffix, regex or contains can be set.	no

HeaderRewrites.spec.request.remove

Field	Type	Description	Required	Default	Allowed Values
builtIn	object	BuiltIn allows configuring a set of predefined upstream request headers.	no
custom	object[]	Custom allows configuring additional upstream request headers.	no

HeaderRewrites.spec.request.remove.builtIn

Field	Type	Description	Required	Default	Allowed Values
`alternativeForwardedHeaders`	bool	AlternativeForwardedHeaders removes downstream request headers which could potentially be abused to alter the upstream’s view of the remote connection. Removes headers: `Front-End-Https`	no	`true`	`true`, `false`

HeaderRewrites.spec.request.remove.custom[]

Field	Type	Description	Required	Default	Allowed Values
headers	object[]	Headers to remove.	yes
`name`	string	Name describing the configured operation. Must be unique.	yes

HeaderRewrites.spec.request.remove.custom[].headers[]

Field	Type	Description	Required	Default	Allowed Values
name	object	Name defines the name of a header.	no
value	object	Value defines the value of a header.	no

HeaderRewrites.spec.request.remove.custom[].headers[].name

Field	Type	Description	Required	Default	Allowed Values
matcher	object	Matcher defines the way to match a string. In comparison to a normal StringMatcher, a value is always matched ignoring the case and can’t be inverted.	yes		`exact{}`, `prefix{}`, `suffix{}`, `regex{}`, `contains{}`

HeaderRewrites.spec.request.remove.custom[].headers[].name.matcher

Field	Type	Description	Required
`contains`	string	Contains defines a substring match on the substring specified here. Empty contains match is not allowed, please use regex instead. Only one of exact, prefix, suffix, regex or contains can be set.	no
`exact`	string	Exact defines an explicit match on the string specified here. Only one of exact, prefix, suffix, regex or contains can be set.	no
`prefix`	string	Prefix defines a prefix match on the prefix specified here. Empty prefix is not allowed, please use regex instead. Only one of exact, prefix, suffix, regex or contains can be set.	no
`regex`	string	Regex defines a regex match on the regular expression specified here. Google’s RE2 regex engine is used. The regex matches only single-line by default, even with “.*”. To match a multi-line string prepend (?s) to your regex. Only one of exact, prefix, suffix, regex or contains can be set.	no
`suffix`	string	Suffix defines a suffix match on the suffix specified here. Empty suffix is not allowed, please use regex instead. Only one of exact, prefix, suffix, regex or contains can be set.	no

HeaderRewrites.spec.request.remove.custom[].headers[].value

Field	Type	Description	Required	Default	Allowed Values
matcher	object		yes		`exact{}`, `prefix{}`, `suffix{}`, `regex{}`, `contains{}`

HeaderRewrites.spec.request.remove.custom[].headers[].value.matcher

Field	Type	Description	Required	Default	Allowed Values
`contains`	string	Contains defines a substring match on the substring specified here. Empty contains match is not allowed, please use regex instead. Only one of exact, prefix, suffix, regex or contains can be set.	no
`exact`	string	Exact defines an explicit match on the string specified here. Only one of exact, prefix, suffix, regex or contains can be set.	no
`ignoreCase`	bool	IgnoreCase indicates whether the matching should be case-insensitive. In case of a regex match, the regex gets wrapped with a group `(?i:...)`.	no	`false`	`true`, `false`
`prefix`	string	Prefix defines a prefix match on the prefix specified here. Empty prefix is not allowed, please use regex instead. Only one of exact, prefix, suffix, regex or contains can be set.	no
`regex`	string	Regex defines a regex match on the regular expression specified here. Google’s RE2 regex engine is used. The regex matches only single-line by default, even with “.*”. To match a multi-line string prepend (?s) to your regex. Only one of exact, prefix, suffix, regex or contains can be set.	no
`suffix`	string	Suffix defines a suffix match on the suffix specified here. Empty suffix is not allowed, please use regex instead. Only one of exact, prefix, suffix, regex or contains can be set.	no

HeaderRewrites.spec.response

Field	Type	Description	Required	Default	Allowed Values
add	object	Add defines which response headers will be added before forwarding to the downstream.	no
allow	object	Allow defines which response headers will be forwarded to the downstream. This can either be allHeaders or matchingHeaders. Default: allHeaders: {}	no	`allHeaders{...}`	`allHeaders{}`, `matchingHeaders{}`
remove	object	Remove defines which response headers will be removed before forwarding to the downstream.	no

HeaderRewrites.spec.response.add

Field	Type	Description	Required	Default	Allowed Values
builtIn	object	BuiltIn allows configuring a set of predefined upstream response headers.	no
custom	object[]	Custom allows configuring additional upstream response headers.	no

HeaderRewrites.spec.response.add.builtIn

Field	Type	Description	Required	Default	Allowed Values
`csp`	bool	CSP sets a content security policy which allows only same-origin requests except for images if the ‘Content-Security-Policy’ header is not set by the upstream. Adds missing headers: `Content-Security-Policy: default-src 'self'; img-src `*	no	`true`	`true`, `false`
`featurePolicy`	bool	FeaturePolicy sets a feature policy which prevents cross-origin use of several browser features if the ‘Feature-Policy’ header is not set by the upstream. Deprecated: Use permissionsPolicy instead. Adds missing headers: `Feature-Policy: accelerometer 'self'; ambient-light-sensor 'self'; autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; gyroscope 'self'; magnetometer 'self'; microphone 'self'; midi 'self'; payment 'self'; usb 'self'; xr-spatial-tracking 'self'`	no	`false`	`true`, `false`
`hsts`	bool	HSTS enforces the use of HTTPS if the ‘Strict-Transport-Security’ header is not already set by the upstream. Adds missing headers: `Strict-Transport-Security: max-age=16070400`	no	`true`	`true`, `false`
`hstsPreload`	bool	HSTSPreload enforces the use of HTTPS including for subdomains and enables HSTS preload. Sets headers: `Strict-Transport-Security: max-age=31536000; includeSubDomains; preload`	no	`false`	`true`, `false`
`permissionsPolicy`	bool	PermissionsPolicy sets a permissions policy which prevents cross-origin use of several browser features if the ‘Permissions-Policy’ header is not set by the upstream. Adds missing headers: `Permissions-Policy: accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), camera=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), midi=(self), payment=(self), usb=(self), xr-spatial-tracking=(self)`	no	`true`	`true`, `false`
`referrerPolicy`	bool	ReferrerPolicy ensures that no ‘Referer’ header is sent for cross-origin requests if the ‘Referrer-Policy’ header is not set by the upstream. Adds missing headers: `Referrer-Policy: same-origin`	no	`true`	`true`, `false`
`xContentTypeOptions`	bool	XContentTypeOptions sets ‘X-Content-Type-Options’ to ’nosniff’ if it is not set by the upstream. Adds missing headers: `X-Content-Type-Options: nosniff`	no	`true`	`true`, `false`
`xFrameOptions`	bool	XFrameOptions sets ‘X-Frame-Options’ to SAMEORIGIN if it is not set by the upstream. Adds missing headers: `X-Frame-Options: SAMEORIGIN`	no	`true`	`true`, `false`

HeaderRewrites.spec.response.add.custom[]

Field	Type	Description	Required	Default	Allowed Values
headers	object[]	Headers to add.	yes
`mode`	enum	Mode defines the header addition strategy.	no	`AddIfAbsent`	`AddIfAbsent`, `OverwriteOrAdd`
`name`	string	Name describing the configured operation.	yes

HeaderRewrites.spec.response.add.custom[].headers[]

Field	Type	Description	Required	Default	Allowed Values
`name`	string	Name defines the name of a header.	yes
`value`	string	Value defines the value of a header.	yes

HeaderRewrites.spec.response.allow

Field	Type	Description	Required	Default	Allowed Values
allHeaders	object	AllHeaders specifies that all response headers should be forwarded.	no
matchingHeaders	object	MatchingHeaders specifies which response headers should be forwarded.	no

HeaderRewrites.spec.response.allow.matchingHeaders

Field	Type	Description	Required	Default	Allowed Values
builtIn	object	BuiltIn allows configuring a set of predefined upstream response header.	no
custom	object[]	Custom allows configuring additional upstream response headers.	no

HeaderRewrites.spec.response.allow.matchingHeaders.builtIn

Field	Type	Description	Required	Default	Allowed Values
`standardHeaders`	bool	StandardHeaders defines whether the response headers which are forwarded to the downstream will be restricted to a set of common response headers. Allows headers: `Accept-Ranges` `Access-Control-Allow-Credentials` `Access-Control-Allow-Headers` `Access-Control-Allow-Methods` `Access-Control-Allow-Origin` `Access-Control-Expose-Headers` `Access-Control-Max-Age` `Allow` `Cache-Control` `Content-Disposition` `Content-Encoding` `Content-Language` `Content-Length` `Content-Location` `Content-MD5` `Content-Range` `Content-Security-Policy` `Content-Type` `Date` `Etag` `Expires` `Feature-Policy` `Permissions-Policy` `Frame-Options` `Last-Modified` `Location` `Pragma` `Referrer-Policy` `Refresh` `Retry-After` `Sec-WebSocket-Accept` `Sec-WebSocket-Extensions` `Sec-WebSocket-Protocol` `Sec-WebSocket-Version` `Strict-Transport-Security` `Trailer` `Transfer-Encoding` `Vary` `WWW-Authenticate` `Warning` `X-Content-Security-Policy` `X-Content-Type-Options` `X-Frame-Options` `X-Permitted-Cross-Domain-Policies` `X-UA-Compatible` `X-WAP-Profile-Warning` `X-WebKit-CSP`	no	`false`	`true`, `false`

HeaderRewrites.spec.response.allow.matchingHeaders.custom[]

Field	Type	Description	Required	Default	Allowed Values
headers	object[]	Headers to allow.	yes
`name`	string	Name describing the configured operation. Must be unique.	yes

HeaderRewrites.spec.response.allow.matchingHeaders.custom[].headers[]

Field	Type	Description	Required	Default	Allowed Values
name	object	Name defines the name of a header.	no
value	object	Value defines the value of a header.	no

HeaderRewrites.spec.response.allow.matchingHeaders.custom[].headers[].name

Field	Type	Description	Required	Default	Allowed Values
matcher	object	Matcher defines the way to match a string. In comparison to a normal StringMatcher, a value is always matched ignoring the case and can’t be inverted.	yes		`exact{}`, `prefix{}`, `suffix{}`, `regex{}`, `contains{}`

HeaderRewrites.spec.response.allow.matchingHeaders.custom[].headers[].name.matcher

Field	Type	Description	Required
`contains`	string	Contains defines a substring match on the substring specified here. Empty contains match is not allowed, please use regex instead. Only one of exact, prefix, suffix, regex or contains can be set.	no
`exact`	string	Exact defines an explicit match on the string specified here. Only one of exact, prefix, suffix, regex or contains can be set.	no
`prefix`	string	Prefix defines a prefix match on the prefix specified here. Empty prefix is not allowed, please use regex instead. Only one of exact, prefix, suffix, regex or contains can be set.	no
`regex`	string	Regex defines a regex match on the regular expression specified here. Google’s RE2 regex engine is used. The regex matches only single-line by default, even with “.*”. To match a multi-line string prepend (?s) to your regex. Only one of exact, prefix, suffix, regex or contains can be set.	no
`suffix`	string	Suffix defines a suffix match on the suffix specified here. Empty suffix is not allowed, please use regex instead. Only one of exact, prefix, suffix, regex or contains can be set.	no

HeaderRewrites.spec.response.allow.matchingHeaders.custom[].headers[].value

Field	Type	Description	Required	Default	Allowed Values
matcher	object		yes		`exact{}`, `prefix{}`, `suffix{}`, `regex{}`, `contains{}`

HeaderRewrites.spec.response.allow.matchingHeaders.custom[].headers[].value.matcher

Field	Type	Description	Required	Default	Allowed Values
`contains`	string	Contains defines a substring match on the substring specified here. Empty contains match is not allowed, please use regex instead. Only one of exact, prefix, suffix, regex or contains can be set.	no
`exact`	string	Exact defines an explicit match on the string specified here. Only one of exact, prefix, suffix, regex or contains can be set.	no
`ignoreCase`	bool	IgnoreCase indicates whether the matching should be case-insensitive. In case of a regex match, the regex gets wrapped with a group `(?i:...)`.	no	`false`	`true`, `false`
`prefix`	string	Prefix defines a prefix match on the prefix specified here. Empty prefix is not allowed, please use regex instead. Only one of exact, prefix, suffix, regex or contains can be set.	no
`regex`	string	Regex defines a regex match on the regular expression specified here. Google’s RE2 regex engine is used. The regex matches only single-line by default, even with “.*”. To match a multi-line string prepend (?s) to your regex. Only one of exact, prefix, suffix, regex or contains can be set.	no
`suffix`	string	Suffix defines a suffix match on the suffix specified here. Empty suffix is not allowed, please use regex instead. Only one of exact, prefix, suffix, regex or contains can be set.	no

HeaderRewrites.spec.response.remove

Field	Type	Description	Required	Default	Allowed Values
builtIn	object	BuiltIn allows configuring a set of predefined upstream response headers.	no
custom	object[]	Custom allows configuring additional upstream response headers.	no

HeaderRewrites.spec.response.remove.builtIn

Field	Type	Description	Required	Default	Allowed Values
auth	object	Auth defines the categories of headers concerning authentication.	no
informationLeakage	object	InformationLeakage defines the categories of headers concerning information leakage.	no
`permissiveCors`	bool	PermissiveCORS removes upstream response headers for CORS (Cross-Origin Resource Sharing) which have no restrictions and therefore reduce client-side security. Removes headers: `Access-Control-Allow-Origin` (if value matches: `(?i:^[[:blank:]]\[[:blank:]]$)`)*	no	`true`	`true`, `false`

HeaderRewrites.spec.response.remove.builtIn.auth

Field	Type	Description	Required	Default	Allowed Values
`basic`	bool	Basic removes upstream response headers that advise clients to authenticate with Basic Authentication. Removes headers: `WWW-Authenticate` (if value matches: `(?i:^Basic.)`)*	no	`false`	`true`, `false`
`ntlm`	bool	NTLM removes upstream response headers that advise clients to authenticate with NTLM. By default, these headers are removed, because NTLM pass-through is not supported. Removes headers: `WWW-Authenticate` (if value matches: `(?i:^NTLM.)`)*	no	`true`	`true`, `false`
`negotiate`	bool	Negotiate removes upstream response headers that advise clients to authenticate with Negotiate. Removes headers: `WWW-Authenticate` (if value matches: `(?i:^Negotiate.)`)*	no	`true`	`true`, `false`

HeaderRewrites.spec.response.remove.builtIn.informationLeakage

Field	Type	Description	Required	Default	Allowed Values
`application`	bool	Application removes upstream response headers that leak information about the deployed software. Removes headers: `X-AspNet-Version` `X-AspNetMvc-Version` `X-Generator` `X-Powered-By`	no	`true`	`true`, `false`
`server`	bool	Server removes upstream response headers that leak information about the server. Removes headers: `Age` `Link` `P3P` `Proxy-Authenticate` `Server` `Via`	no	`true`	`true`, `false`

HeaderRewrites.spec.response.remove.custom[]

Field	Type	Description	Required	Default	Allowed Values
headers	object[]	Headers to remove.	yes
`name`	string	Name describing the configured remove operation. Must be unique.	yes

HeaderRewrites.spec.response.remove.custom[].headers[]

Field	Type	Description	Required	Default	Allowed Values
name	object	Name defines the name of a header.	no
value	object	Value defines the value of a header.	no

HeaderRewrites.spec.response.remove.custom[].headers[].name

Field	Type	Description	Required	Default	Allowed Values
matcher	object	Matcher defines the way to match a string. In comparison to a normal StringMatcher, a value is always matched ignoring the case and can’t be inverted.	yes		`exact{}`, `prefix{}`, `suffix{}`, `regex{}`, `contains{}`

HeaderRewrites.spec.response.remove.custom[].headers[].name.matcher

Field	Type	Description	Required
`contains`	string	Contains defines a substring match on the substring specified here. Empty contains match is not allowed, please use regex instead. Only one of exact, prefix, suffix, regex or contains can be set.	no
`exact`	string	Exact defines an explicit match on the string specified here. Only one of exact, prefix, suffix, regex or contains can be set.	no
`prefix`	string	Prefix defines a prefix match on the prefix specified here. Empty prefix is not allowed, please use regex instead. Only one of exact, prefix, suffix, regex or contains can be set.	no
`regex`	string	Regex defines a regex match on the regular expression specified here. Google’s RE2 regex engine is used. The regex matches only single-line by default, even with “.*”. To match a multi-line string prepend (?s) to your regex. Only one of exact, prefix, suffix, regex or contains can be set.	no
`suffix`	string	Suffix defines a suffix match on the suffix specified here. Empty suffix is not allowed, please use regex instead. Only one of exact, prefix, suffix, regex or contains can be set.	no

HeaderRewrites.spec.response.remove.custom[].headers[].value

Field	Type	Description	Required	Default	Allowed Values
matcher	object		yes		`exact{}`, `prefix{}`, `suffix{}`, `regex{}`, `contains{}`

HeaderRewrites.spec.response.remove.custom[].headers[].value.matcher

Field	Type	Description	Required	Default	Allowed Values
`contains`	string	Contains defines a substring match on the substring specified here. Empty contains match is not allowed, please use regex instead. Only one of exact, prefix, suffix, regex or contains can be set.	no
`exact`	string	Exact defines an explicit match on the string specified here. Only one of exact, prefix, suffix, regex or contains can be set.	no
`ignoreCase`	bool	IgnoreCase indicates whether the matching should be case-insensitive. In case of a regex match, the regex gets wrapped with a group `(?i:...)`.	no	`false`	`true`, `false`
`prefix`	string	Prefix defines a prefix match on the prefix specified here. Empty prefix is not allowed, please use regex instead. Only one of exact, prefix, suffix, regex or contains can be set.	no
`regex`	string	Regex defines a regex match on the regular expression specified here. Google’s RE2 regex engine is used. The regex matches only single-line by default, even with “.*”. To match a multi-line string prepend (?s) to your regex. Only one of exact, prefix, suffix, regex or contains can be set.	no
`suffix`	string	Suffix defines a suffix match on the suffix specified here. Empty suffix is not allowed, please use regex instead. Only one of exact, prefix, suffix, regex or contains can be set.	no

HeaderRewrites.spec.settings

Field	Type	Description	Required	Default	Allowed Values
`operationalMode`	enum	OperationalMode defines the behavior of the filter. In integration mode more information is logged about the requests and responses.	no	`Production`	`Production`, `Integration`