Class DefaultHttpHeadersFactory
- All Implemented Interfaces:
HttpHeadersFactory
HttpHeadersFactory
instances, that itself implements HttpHeadersFactory
.
The builder is immutable, and every with-
method produce a new, modified instance.
The default builder you most likely want to start with is headersFactory()
.
-
Field Summary
FieldsModifier and TypeFieldDescriptionprivate final boolean
private static final DefaultHttpHeadersFactory
private static final DefaultHttpHeadersFactory
private static final DefaultHeaders.NameValidator
<CharSequence> private static final DefaultHttpHeadersFactory
private static final DefaultHttpHeadersFactory
private static final DefaultHeaders.NameValidator
<CharSequence> private static final DefaultHeaders.ValueValidator
<CharSequence> private final DefaultHeaders.NameValidator
<CharSequence> private static final DefaultHeaders.NameValidator
<CharSequence> private static final DefaultHeaders.ValueValidator
<CharSequence> private final DefaultHeaders.ValueValidator
<CharSequence> -
Constructor Summary
ConstructorsModifierConstructorDescriptionprivate
DefaultHttpHeadersFactory
(DefaultHeaders.NameValidator<CharSequence> nameValidator, DefaultHeaders.ValueValidator<CharSequence> valueValidator, boolean combiningHeaders) Create a header builder with the given settings. -
Method Summary
Modifier and TypeMethodDescriptionGet the currently configuredDefaultHeaders.NameValidator
.Get the currently configuredDefaultHeaders.ValueValidator
.static DefaultHttpHeadersFactory
Get the default implementation ofHttpHeadersFactory
for creating headers.boolean
Check whether header combining is enabled or not.boolean
Check whether header name validation is enabled.boolean
Check whether header value validation is enabled.Create a newHttpHeaders
instance, but sized to be as small an object as possible.Create a newHttpHeaders
instance.static DefaultHttpHeadersFactory
Get the default implementation ofHttpHeadersFactory
for creating trailers.withCombiningHeaders
(boolean combiningHeaders) Create a new builder that will buildHttpHeaders
objects that either combine multi-valued headers, or not.withNameValidation
(boolean validation) Create a new builder that has HTTP header name validation enabled or disabled.Create a new builder that with the givenDefaultHeaders.NameValidator
.withValidation
(boolean validation) Create a new builder that has HTTP header validation enabled or disabled.withValueValidation
(boolean validation) Create a new builder that has HTTP header value validation enabled or disabled.Create a new builder that with the givenDefaultHeaders.ValueValidator
.
-
Field Details
-
DEFAULT_NAME_VALIDATOR
-
DEFAULT_VALUE_VALIDATOR
-
DEFAULT_TRAILER_NAME_VALIDATOR
-
NO_NAME_VALIDATOR
-
NO_VALUE_VALIDATOR
-
DEFAULT
-
DEFAULT_TRAILER
-
DEFAULT_COMBINING
-
DEFAULT_NO_VALIDATION
-
nameValidator
-
valueValidator
-
combiningHeaders
private final boolean combiningHeaders
-
-
Constructor Details
-
DefaultHttpHeadersFactory
private DefaultHttpHeadersFactory(DefaultHeaders.NameValidator<CharSequence> nameValidator, DefaultHeaders.ValueValidator<CharSequence> valueValidator, boolean combiningHeaders) Create a header builder with the given settings.- Parameters:
nameValidator
- The name validator to use, not null.valueValidator
- The value validator to use, not null.combiningHeaders
-true
if multi-valued headers should be combined into single lines.
-
-
Method Details
-
headersFactory
Get the default implementation ofHttpHeadersFactory
for creating headers.This
DefaultHttpHeadersFactory
createsHttpHeaders
instances that has the recommended header validation enabled. -
trailersFactory
Get the default implementation ofHttpHeadersFactory
for creating trailers.This
DefaultHttpHeadersFactory
createsHttpHeaders
instances that has the validation enabled that is recommended for trailers. -
newHeaders
Description copied from interface:HttpHeadersFactory
Create a newHttpHeaders
instance.- Specified by:
newHeaders
in interfaceHttpHeadersFactory
-
newEmptyHeaders
Description copied from interface:HttpHeadersFactory
Create a newHttpHeaders
instance, but sized to be as small an object as possible.- Specified by:
newEmptyHeaders
in interfaceHttpHeadersFactory
-
withNameValidation
Create a new builder that has HTTP header name validation enabled or disabled.Warning! Setting
validation
tofalse
will mean that Netty won't validate invalid input: '&' protect against user-supplied headers that are malicious. This can leave your server implementation vulnerable to CWE-113: Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Response Splitting') . When disabling this validation, it is the responsibility of the caller to ensure that the values supplied do not contain a non-url-escaped carriage return (CR) and/or line feed (LF) characters.- Parameters:
validation
- If validation should be enabled or disabled.- Returns:
- The new builder.
-
withNameValidator
public DefaultHttpHeadersFactory withNameValidator(DefaultHeaders.NameValidator<CharSequence> validator) Create a new builder that with the givenDefaultHeaders.NameValidator
.Warning! If the given validator does not check that the header names are standards compliant, Netty won't validate invalid input: '&' protect against user-supplied headers that are malicious. This can leave your server implementation vulnerable to CWE-113: Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Response Splitting') . When disabling this validation, it is the responsibility of the caller to ensure that the values supplied do not contain a non-url-escaped carriage return (CR) and/or line feed (LF) characters.
- Parameters:
validator
- The HTTP header name validator to use.- Returns:
- The new builder.
-
withValueValidation
Create a new builder that has HTTP header value validation enabled or disabled.Warning! Setting
validation
tofalse
will mean that Netty won't validate invalid input: '&' protect against user-supplied headers that are malicious. This can leave your server implementation vulnerable to CWE-113: Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Response Splitting') . When disabling this validation, it is the responsibility of the caller to ensure that the values supplied do not contain a non-url-escaped carriage return (CR) and/or line feed (LF) characters.- Parameters:
validation
- If validation should be enabled or disabled.- Returns:
- The new builder.
-
withValueValidator
public DefaultHttpHeadersFactory withValueValidator(DefaultHeaders.ValueValidator<CharSequence> validator) Create a new builder that with the givenDefaultHeaders.ValueValidator
.Warning! If the given validator does not check that the header values are standards compliant, Netty won't validate invalid input: '&' protect against user-supplied headers that are malicious. This can leave your server implementation vulnerable to CWE-113: Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Response Splitting') . When disabling this validation, it is the responsibility of the caller to ensure that the values supplied do not contain a non-url-escaped carriage return (CR) and/or line feed (LF) characters.
- Parameters:
validator
- The HTTP header name validator to use.- Returns:
- The new builder.
-
withValidation
Create a new builder that has HTTP header validation enabled or disabled.Warning! Setting
validation
tofalse
will mean that Netty won't validate invalid input: '&' protect against user-supplied headers that are malicious. This can leave your server implementation vulnerable to CWE-113: Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Response Splitting') . When disabling this validation, it is the responsibility of the caller to ensure that the values supplied do not contain a non-url-escaped carriage return (CR) and/or line feed (LF) characters.- Parameters:
validation
- If validation should be enabled or disabled.- Returns:
- The new builder.
-
withCombiningHeaders
Create a new builder that will buildHttpHeaders
objects that either combine multi-valued headers, or not.- Parameters:
combiningHeaders
-true
if multi-valued headers should be combined, otherwisefalse
.- Returns:
- The new builder.
-
getNameValidator
Get the currently configuredDefaultHeaders.NameValidator
.This method will be used by the
newHeaders()
method.- Returns:
- The configured name validator.
-
getValueValidator
Get the currently configuredDefaultHeaders.ValueValidator
.This method will be used by the
newHeaders()
method.- Returns:
- The configured value validator.
-
isCombiningHeaders
public boolean isCombiningHeaders()Check whether header combining is enabled or not.- Returns:
true
if header value combining is enabled, otherwisefalse
.
-
isValidatingHeaderNames
public boolean isValidatingHeaderNames()Check whether header name validation is enabled.- Returns:
true
if header name validation is enabled, otherwisefalse
.
-
isValidatingHeaderValues
public boolean isValidatingHeaderValues()Check whether header value validation is enabled.- Returns:
true
if header value validation is enabled, otherwisefalse
.
-