1.16.4 (May 11, 2021)¶
http: added the ability to unescape slash sequences in the path. Requests with unescaped slashes can be proxied, rejected or redirected to the new unescaped path. By default this feature is disabled. The default behavior can be overridden through http_connection_manager.path_with_escaped_slashes_action runtime variable. This action can be selectively enabled for a portion of requests by setting the http_connection_manager.path_with_escaped_slashes_action_sampling runtime variable.