2bced810da
## Summary When network requests were blocked, downstream code often had to infer ask vs deny from free-form response text. That was brittle and led to incorrect approval behavior. This PR fixes the proxy side so blocked decisions are structured and request metadata survives reliably. ## Description - Blocked proxy responses now carry consistent structured policy decision data. - Request attempt metadata is preserved across proxy env paths (including ALL_PROXY flows). - Header stripping was tightened so we still remove unsafe forwarding headers, but keep metadata needed for policy handling. - Block messages were clarified (for example, allowlist miss vs explicit deny). - Added unified violation log entries so policy failures can be inspected in one place. - Added/updated tests for these behaviors. --------- Co-authored-by: Codex <199175422+chatgpt-codex-connector[bot]@users.noreply.github.com> |
||
|---|---|---|
| .. | ||
| admin.rs | ||
| config.rs | ||
| http_proxy.rs | ||
| lib.rs | ||
| metadata.rs | ||
| network_policy.rs | ||
| policy.rs | ||
| proxy.rs | ||
| reasons.rs | ||
| responses.rs | ||
| runtime.rs | ||
| socks5.rs | ||
| state.rs | ||
| upstream.rs | ||