This is an automated email from the ASF dual-hosted git repository.
davsclaus pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/camel.git
The following commit(s) were added to refs/heads/main by this push:
new 03f84b2a249a CAMEL-23588: docs - sync camel-undertow 4.18 and 4.14
upgrade-guide entries to main (#23994)
03f84b2a249a is described below
commit 03f84b2a249a1fd7675687c1ba360933a8df0c80
Author: Andrea Cosentino <[email protected]>
AuthorDate: Fri Jun 12 22:41:27 2026 +0200
CAMEL-23588: docs - sync camel-undertow 4.18 and 4.14 upgrade-guide entries
to main (#23994)
The camel-undertow websocket.* HeaderFilterStrategy change (CAMEL-23588) is
being
backported to camel-4.18.x and camel-4.14.x, which add the upgrade-guide
entry to
the 4_18 / 4_14 guides on those maintenance branches. Per the upgrade-guide
policy,
the version-specific guides on main are the canonical cross-release history
and must
carry the same entries (main's 4_21 guide already has it).
This adds the camel-undertow 'potential breaking change' entry to
camel-4x-upgrade-guide-4_18.adoc and camel-4x-upgrade-guide-4_14.adoc on
main,
grouped with the CAMEL-23532 vertx-websocket / atmosphere-websocket family.
---
.../ROOT/pages/camel-4x-upgrade-guide-4_14.adoc | 47 ++++++++++++++++++++++
.../ROOT/pages/camel-4x-upgrade-guide-4_18.adoc | 47 ++++++++++++++++++++++
2 files changed, 94 insertions(+)
diff --git
a/docs/user-manual/modules/ROOT/pages/camel-4x-upgrade-guide-4_14.adoc
b/docs/user-manual/modules/ROOT/pages/camel-4x-upgrade-guide-4_14.adoc
index 33272e01268b..0279ae2e55a6 100644
--- a/docs/user-manual/modules/ROOT/pages/camel-4x-upgrade-guide-4_14.adoc
+++ b/docs/user-manual/modules/ROOT/pages/camel-4x-upgrade-guide-4_14.adoc
@@ -1077,6 +1077,53 @@ default `HttpHeaderFilterStrategy` filters headers
starting with `Camel` / `came
(case-insensitive). Routes that relied on receiving `Camel`-prefixed header
names from WebSocket
query parameters can supply a custom `headerFilterStrategy` to restore the
previous behaviour.
+=== camel-undertow - potential breaking change
+
+`UndertowHeaderFilterStrategy` now also filters the legacy `websocket.*`
+Exchange-header prefix (in addition to the `Camel*` / `camel*` /
+`org.apache.camel.*` prefixes it already filtered). This applies to both the
+in (wire -> exchange) and out (exchange -> wire) directions and follows the
+dedicated-filter-strategy shape used by CAMEL-23532 for
+`camel-vertx-websocket` / `camel-atmosphere-websocket` / `camel-iggy`.
+
+The constants in `UndertowConstants` (`CONNECTION_KEY`, `CONNECTION_KEY_LIST`,
+`SEND_TO_ALL`, `EVENT_TYPE`, `EVENT_TYPE_ENUM`, `CHANNEL`, `EXCHANGE`) keep
+their existing string values (`websocket.connectionKey`,
+`websocket.connectionKey.list`, `websocket.sendToAll`, etc.) because they are
+part of the undertow component's externally-visible API contract; routes
+referencing them (symbolically or by literal value) continue to work
+unchanged within an undertow route.
+
+The behaviour change applies at undertow's transport boundary:
+
+* Outbound (exchange -> wire): if an exchange ends up at an undertow producer
+ carrying an Exchange header whose name starts with `websocket.`, that
+ header will no longer be propagated onto the outbound HTTP/websocket
+ request as a wire-level header.
+* Inbound (wire -> exchange): if an undertow consumer receives a request
+ whose wire-level headers include a name starting with `websocket.`, that
+ header will no longer be mapped into the resulting Camel exchange.
+
+Note that the `HeaderFilterStrategy` only governs the transport boundary; it
+does not prevent cross-component header injection (for example, an
+`http -> undertow` route where the HTTP consumer maps an attacker-supplied
+`websocket.connectionKey` header into the exchange and the undertow producer
+then reads it via `in.getHeader(...)` to dispatch to a specific peer). For
+defence in depth at the trust boundary, route authors should explicitly strip
+these headers from untrusted inbound traffic, for example:
+
+[source,java]
+----
+from("jetty:http://0.0.0.0:8080/api";)
+ .removeHeaders("websocket.*")
+ .to("undertow:ws://internal-broker/notifications");
+----
+
+Routes that intentionally relied on undertow mapping `websocket.*` wire
+headers in or out can supply a custom `headerFilterStrategy` endpoint option
+to restore the previous behaviour.
+
+
=== camel-aws2-sqs
`Sqs2HeaderFilterStrategy` now also configures an inbound filter aligned with
the existing
diff --git
a/docs/user-manual/modules/ROOT/pages/camel-4x-upgrade-guide-4_18.adoc
b/docs/user-manual/modules/ROOT/pages/camel-4x-upgrade-guide-4_18.adoc
index 479ed71ecaf5..46d8dff881b8 100644
--- a/docs/user-manual/modules/ROOT/pages/camel-4x-upgrade-guide-4_18.adoc
+++ b/docs/user-manual/modules/ROOT/pages/camel-4x-upgrade-guide-4_18.adoc
@@ -1370,6 +1370,53 @@ directions, aligning the component with the rest of the
Camel component catalog.
`Camel`-prefixed user-header names from Iggy messages can supply a custom
`headerFilterStrategy`
to restore the previous behaviour.
+=== camel-undertow - potential breaking change
+
+`UndertowHeaderFilterStrategy` now also filters the legacy `websocket.*`
+Exchange-header prefix (in addition to the `Camel*` / `camel*` /
+`org.apache.camel.*` prefixes it already filtered). This applies to both the
+in (wire -> exchange) and out (exchange -> wire) directions and follows the
+dedicated-filter-strategy shape used by CAMEL-23532 for
+`camel-vertx-websocket` / `camel-atmosphere-websocket` / `camel-iggy`.
+
+The constants in `UndertowConstants` (`CONNECTION_KEY`, `CONNECTION_KEY_LIST`,
+`SEND_TO_ALL`, `EVENT_TYPE`, `EVENT_TYPE_ENUM`, `CHANNEL`, `EXCHANGE`) keep
+their existing string values (`websocket.connectionKey`,
+`websocket.connectionKey.list`, `websocket.sendToAll`, etc.) because they are
+part of the undertow component's externally-visible API contract; routes
+referencing them (symbolically or by literal value) continue to work
+unchanged within an undertow route.
+
+The behaviour change applies at undertow's transport boundary:
+
+* Outbound (exchange -> wire): if an exchange ends up at an undertow producer
+ carrying an Exchange header whose name starts with `websocket.`, that
+ header will no longer be propagated onto the outbound HTTP/websocket
+ request as a wire-level header.
+* Inbound (wire -> exchange): if an undertow consumer receives a request
+ whose wire-level headers include a name starting with `websocket.`, that
+ header will no longer be mapped into the resulting Camel exchange.
+
+Note that the `HeaderFilterStrategy` only governs the transport boundary; it
+does not prevent cross-component header injection (for example, an
+`http -> undertow` route where the HTTP consumer maps an attacker-supplied
+`websocket.connectionKey` header into the exchange and the undertow producer
+then reads it via `in.getHeader(...)` to dispatch to a specific peer). For
+defence in depth at the trust boundary, route authors should explicitly strip
+these headers from untrusted inbound traffic, for example:
+
+[source,java]
+----
+from("jetty:http://0.0.0.0:8080/api";)
+ .removeHeaders("websocket.*")
+ .to("undertow:ws://internal-broker/notifications");
+----
+
+Routes that intentionally relied on undertow mapping `websocket.*` wire
+headers in or out can supply a custom `headerFilterStrategy` endpoint option
+to restore the previous behaviour.
+
+
=== camel-aws2-sqs
`Sqs2HeaderFilterStrategy` now also configures an inbound filter aligned with
the existing
