rewrite: Add option to force modifying the query

[francislavoie]

Fix #5208

When a user wants to rewrite the URI, if they use a placeholder which might contain both the path and query, currently only the path portion of the placeholder will be used and the query is discarded.

This isn't ideal when the placeholder input comes from, for example, a response header from upstream when doing X-Accel-Redirect style intercepting of the response.

To work around this, we can add an option to force-enable query modifications, essentially marking the configured placeholder input as "trusted" in the sense that it's expected to contain a valid query part and not an injected ? via URL encoding.

I'm not sure the implementation is completely correct. There's a test case I'm not quite sure how we want to handle, i.e. the placeholder only having a query and no path. Is that something we care to support? If not I can remove that TODO comment.

[mholt]

Thanks for proposing this Francis, I'll try to get around to reviewing this soon. (Sorry for the delay. I'm also curious about this versus #5504)

[mholt]

This LGTM, but I have a nit regarding the naming 🙃

[mholt]

What if we call this SpanComponents or something a little more precise? It looks like what this change really does is make a single placeholder able to span URI components.

[francislavoie]

That makes me think of a <span> JS component. That name doesn't bring any mental association to what it does to me.

[mholt]

Hmm. I mean, obviously this is a backend context (a rewrite middleware) where we're talking about the URI... but I can see why you'd have that correlation.

What about AllowExpansion or something?

[francislavoie]

I decided to go with force_modify_query, adding the force_ prefix, similar to other examples we've had like force_automate