Consider Ability to Append to HTTP User-Agent Header
bflad opened this issue · comments
Description
Implementors may wish to append their own HTTP User-Agent
header data, e.g. hashicorp/terraform-plugin-sdk#682
In terraform-plugin-sdk's acceptance testing case, we'd automatically append information about the SDK and include the conventional TF_APPEND_USER_AGENT
environment variable value.
If I recall correctly, a main practitioner use case for this was with enterprise Intrusion Detection Systems (IDS) which either log the header or filter based on the header for all outgoing HTTP requests on a corporate network.
If I recall correctly, a main practitioner use case for this was with enterprise Intrusion Detection Systems (IDS) which either log the header or filter based on the header for all outgoing HTTP requests on a corporate network.
I have some (limited) experience with proxies, but I'd love some more insight into how this would work in practice?
Is the idea is that all requests go through a proxy and the machine running TF provider tests has a self-signed SSL cert installed for HashiCorp domains, so that the proxy can actually intercept the SSL-encrypted traffic, including the headers (since both endpoints are HTTPS)?
It sounds like a pretty expensive way of controlling the traffic, when the hostname can be effectively checked (assuming they also control the DNS) without having to decrypt anything, let alone the amount of false alarms checking User-Agent
would likely produce, but I may be misunderstanding some crucial details.
That is to say I am not objecting to a customizable User-Agent
Ah ha, hashicorp/terraform-exec#9 was for language server metrics. I don't think that would apply to this library, so I'm actually tempted to close this out, unless the folks monitoring checkpoint/releases requests might care.
Right, I think that was mainly about the runtime, e.g. requests to TFC via Terraform.
There's a point to be made about filtering downloads of products (incl. Terraform) by User-Agent
, but given that this library's main use case is in automation and CI, I'm not sure how useful would the resulting numbers really be, so I am also tempted to close this.
That said - if someone comes up with a compelling use case for customizable User-Agent I'd be happy to add it!