Add disallowed_headers knob to ext_authz config

[antoniovleonti]

Commit Message: Add disallowed_headers knob to ext_authz config Additional Description: This PR adds a config field to ext_authz that will prevent the specified headers from being sent to the external authentication service. This new field (disallowed_headers) will always override the allowed_headers field. Risk Level: low Testing: unit tests & integration tests Docs Changes: none Release Notes: added to changelog Platform Specific Features: n/a [Optional Runtime guard:] [Optional Fixes #Issue] [Optional Fixes commit #PR or SHA] [Optional Deprecated:] [Optional API Considerations:]

[repokitteh-read-only[bot]]

CC @envoyproxy/api-shepherds: Your approval is needed for changes made to (api/envoy/|docs/root/api-docs/). envoyproxy/api-shepherds assignee is @wbpcode CC @envoyproxy/api-watchers: FYI only for changes made to (api/envoy/|docs/root/api-docs/).

:cat:

Caused by: https://github.com/envoyproxy/envoy/pull/33349 was opened by antoniovleonti.

see: more, trace.

[antoniovleonti]

/assign @tyxia

[antoniovleonti]

/retest

[antoniovleonti]

/retest

[antoniovleonti]

/retest

[tyxia]

/assign @yanjunxiang-google

Could you take a first pass on it? Thanks

[antoniovleonti]

Just realized, #33244 should probably be merged before this one.

#33244 refactors HttpFilterTestParam, which is a parameterized test fixture used to write some of this PR's tests.

[wbpcode]

ping me if this is ready for a maintainer review. :)

[RyanTheOptimist]

/wait

[antoniovleonti]

This PR is ready for review. @wbpcode

[wbpcode]

/wait-any

[antoniovleonti]

@yanjunxiang-google please review

[antoniovleonti]

/retest

[antoniovleonti]

/retest

[antoniovleonti]

@wbpcode I think I need your API review again.

[ravenblackx]

@wbpcode ping for api re-review

[wbpcode]

/lgtm api

[wbpcode]

Because @tyxia is the owner and has approved this PR. And it's LGTM, so will merge it directly. :)