Early sanitization of incoming headers #12940

@lgadban

kgateway version

main

Is your feature request related to a problem? Please describe.

A very common feature of API gateways is to be able to sanitize various HTTP headers from an incoming request, especially for gateways that are handling untrusted downstream traffic.

Currently there are ways to do this with kgateway, such as using a transformation policy or the header modifier feature, but (at least in the Envoy world) these occur as "standard" filters in an already executing filter chain, and thus will not guarantee that the headers are removed before any routing or processing decisions are made.

Describe the solution you'd like

An API that exposes the ability to sanitize headers as early as possible in the processing of an incoming request.

Describe alternatives you've considered

No response

Additional Context

This was previously tracked for the 1.x version of Gloo in #9604 and completed via #10262.

Exposed on HttpListenerOptions

Effectively configures https://www.envoyproxy.io/docs/envoy/latest/api-v3/extensions/http/early_header_mutation/header_mutation/v3/header_mutation.proto#extensions-http-early-header-mutation-header-mutation-v3-headermutation
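
For reference, an added example that is not part of the original issue and is not kgateway's API: a minimal Envoy static configuration that uses the early header mutation extension linked above to strip a header before route matching. The header name `x-internal-tenant`, the listener and cluster names, and the addresses are constructed for illustration.

```yaml
# Constructed example: all names, ports and the header are hypothetical.
static_resources:
  listeners:
  - name: ingress
    address:
      socket_address: { address: 0.0.0.0, port_value: 8080 }
    filter_chains:
    - filters:
      - name: envoy.filters.network.http_connection_manager
        typed_config:
          "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager
          stat_prefix: ingress
          # Applied by the connection manager before route matching and
          # before any HTTP filter in http_filters runs.
          early_header_mutation_extensions:
          - name: envoy.http.early_header_mutation.header_mutation
            typed_config:
              "@type": type.googleapis.com/envoy.extensions.http.early_header_mutation.header_mutation.v3.HeaderMutation
              mutations:
              - remove: x-internal-tenant
          route_config:
            virtual_hosts:
            - name: default
              domains: ["*"]
              routes:
              # A downstream client can no longer reach this route by
              # supplying the header itself: it is removed before matching.
              - match:
                  prefix: /
                  headers:
                  - name: x-internal-tenant
                    present_match: true
                route: { cluster: internal_backend }
              - match: { prefix: / }
                direct_response: { status: 404 }
          http_filters:
          - name: envoy.filters.http.router
            typed_config:
              "@type": type.googleapis.com/envoy.extensions.filters.http.router.v3.Router
  clusters:
  - name: internal_backend
    type: STATIC
    load_assignment:
      cluster_name: internal_backend
      endpoints:
      - lb_endpoints:
        - endpoint:
            address:
              socket_address: { address: 127.0.0.1, port_value: 9001 }
```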
