Class DefaultHttpHeadersFactory
- java.lang.Object
-
- io.netty.handler.codec.http.DefaultHttpHeadersFactory
-
- All Implemented Interfaces:
HttpHeadersFactory
public final class DefaultHttpHeadersFactory extends java.lang.Object implements HttpHeadersFactory
A builder ofHttpHeadersFactory
instances, that itself implementsHttpHeadersFactory
. The builder is immutable, and everywith-
method produce a new, modified instance.The default builder you most likely want to start with is
headersFactory()
.
-
-
Field Summary
Fields Modifier and Type Field Description private boolean
combiningHeaders
private static DefaultHttpHeadersFactory
DEFAULT
private static DefaultHttpHeadersFactory
DEFAULT_COMBINING
private static DefaultHeaders.NameValidator<java.lang.CharSequence>
DEFAULT_NAME_VALIDATOR
private static DefaultHttpHeadersFactory
DEFAULT_NO_VALIDATION
private static DefaultHttpHeadersFactory
DEFAULT_TRAILER
private static DefaultHeaders.NameValidator<java.lang.CharSequence>
DEFAULT_TRAILER_NAME_VALIDATOR
private static DefaultHeaders.ValueValidator<java.lang.CharSequence>
DEFAULT_VALUE_VALIDATOR
private DefaultHeaders.NameValidator<java.lang.CharSequence>
nameValidator
private static DefaultHeaders.NameValidator<java.lang.CharSequence>
NO_NAME_VALIDATOR
private static DefaultHeaders.ValueValidator<java.lang.CharSequence>
NO_VALUE_VALIDATOR
private DefaultHeaders.ValueValidator<java.lang.CharSequence>
valueValidator
-
Constructor Summary
Constructors Modifier Constructor Description private
DefaultHttpHeadersFactory(DefaultHeaders.NameValidator<java.lang.CharSequence> nameValidator, DefaultHeaders.ValueValidator<java.lang.CharSequence> valueValidator, boolean combiningHeaders)
Create a header builder with the given settings.
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Modifier and Type Method Description DefaultHeaders.NameValidator<java.lang.CharSequence>
getNameValidator()
Get the currently configuredDefaultHeaders.NameValidator
.DefaultHeaders.ValueValidator<java.lang.CharSequence>
getValueValidator()
Get the currently configuredDefaultHeaders.ValueValidator
.static DefaultHttpHeadersFactory
headersFactory()
Get the default implementation ofHttpHeadersFactory
for creating headers.boolean
isCombiningHeaders()
Check whether header combining is enabled or not.boolean
isValidatingHeaderNames()
Check whether header name validation is enabled.boolean
isValidatingHeaderValues()
Check whether header value validation is enabled.HttpHeaders
newEmptyHeaders()
Create a newHttpHeaders
instance, but sized to be as small an object as possible.HttpHeaders
newHeaders()
Create a newHttpHeaders
instance.static DefaultHttpHeadersFactory
trailersFactory()
Get the default implementation ofHttpHeadersFactory
for creating trailers.DefaultHttpHeadersFactory
withCombiningHeaders(boolean combiningHeaders)
Create a new builder that will buildHttpHeaders
objects that either combine multi-valued headers, or not.DefaultHttpHeadersFactory
withNameValidation(boolean validation)
Create a new builder that has HTTP header name validation enabled or disabled.DefaultHttpHeadersFactory
withNameValidator(DefaultHeaders.NameValidator<java.lang.CharSequence> validator)
Create a new builder that with the givenDefaultHeaders.NameValidator
.DefaultHttpHeadersFactory
withValidation(boolean validation)
Create a new builder that has HTTP header validation enabled or disabled.DefaultHttpHeadersFactory
withValueValidation(boolean validation)
Create a new builder that has HTTP header value validation enabled or disabled.DefaultHttpHeadersFactory
withValueValidator(DefaultHeaders.ValueValidator<java.lang.CharSequence> validator)
Create a new builder that with the givenDefaultHeaders.ValueValidator
.
-
-
-
Field Detail
-
DEFAULT_NAME_VALIDATOR
private static final DefaultHeaders.NameValidator<java.lang.CharSequence> DEFAULT_NAME_VALIDATOR
-
DEFAULT_VALUE_VALIDATOR
private static final DefaultHeaders.ValueValidator<java.lang.CharSequence> DEFAULT_VALUE_VALIDATOR
-
DEFAULT_TRAILER_NAME_VALIDATOR
private static final DefaultHeaders.NameValidator<java.lang.CharSequence> DEFAULT_TRAILER_NAME_VALIDATOR
-
NO_NAME_VALIDATOR
private static final DefaultHeaders.NameValidator<java.lang.CharSequence> NO_NAME_VALIDATOR
-
NO_VALUE_VALIDATOR
private static final DefaultHeaders.ValueValidator<java.lang.CharSequence> NO_VALUE_VALIDATOR
-
DEFAULT
private static final DefaultHttpHeadersFactory DEFAULT
-
DEFAULT_TRAILER
private static final DefaultHttpHeadersFactory DEFAULT_TRAILER
-
DEFAULT_COMBINING
private static final DefaultHttpHeadersFactory DEFAULT_COMBINING
-
DEFAULT_NO_VALIDATION
private static final DefaultHttpHeadersFactory DEFAULT_NO_VALIDATION
-
nameValidator
private final DefaultHeaders.NameValidator<java.lang.CharSequence> nameValidator
-
valueValidator
private final DefaultHeaders.ValueValidator<java.lang.CharSequence> valueValidator
-
combiningHeaders
private final boolean combiningHeaders
-
-
Constructor Detail
-
DefaultHttpHeadersFactory
private DefaultHttpHeadersFactory(DefaultHeaders.NameValidator<java.lang.CharSequence> nameValidator, DefaultHeaders.ValueValidator<java.lang.CharSequence> valueValidator, boolean combiningHeaders)
Create a header builder with the given settings.- Parameters:
nameValidator
- The name validator to use, not null.valueValidator
- The value validator to use, not null.combiningHeaders
-true
if multi-valued headers should be combined into single lines.
-
-
Method Detail
-
headersFactory
public static DefaultHttpHeadersFactory headersFactory()
Get the default implementation ofHttpHeadersFactory
for creating headers.This
DefaultHttpHeadersFactory
createsHttpHeaders
instances that has the recommended header validation enabled.
-
trailersFactory
public static DefaultHttpHeadersFactory trailersFactory()
Get the default implementation ofHttpHeadersFactory
for creating trailers.This
DefaultHttpHeadersFactory
createsHttpHeaders
instances that has the validation enabled that is recommended for trailers.
-
newHeaders
public HttpHeaders newHeaders()
Description copied from interface:HttpHeadersFactory
Create a newHttpHeaders
instance.- Specified by:
newHeaders
in interfaceHttpHeadersFactory
-
newEmptyHeaders
public HttpHeaders newEmptyHeaders()
Description copied from interface:HttpHeadersFactory
Create a newHttpHeaders
instance, but sized to be as small an object as possible.- Specified by:
newEmptyHeaders
in interfaceHttpHeadersFactory
-
withNameValidation
public DefaultHttpHeadersFactory withNameValidation(boolean validation)
Create a new builder that has HTTP header name validation enabled or disabled.Warning! Setting
validation
tofalse
will mean that Netty won't validate & protect against user-supplied headers that are malicious. This can leave your server implementation vulnerable to CWE-113: Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Response Splitting') . When disabling this validation, it is the responsibility of the caller to ensure that the values supplied do not contain a non-url-escaped carriage return (CR) and/or line feed (LF) characters.- Parameters:
validation
- If validation should be enabled or disabled.- Returns:
- The new builder.
-
withNameValidator
public DefaultHttpHeadersFactory withNameValidator(DefaultHeaders.NameValidator<java.lang.CharSequence> validator)
Create a new builder that with the givenDefaultHeaders.NameValidator
.Warning! If the given validator does not check that the header names are standards compliant, Netty won't validate & protect against user-supplied headers that are malicious. This can leave your server implementation vulnerable to CWE-113: Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Response Splitting') . When disabling this validation, it is the responsibility of the caller to ensure that the values supplied do not contain a non-url-escaped carriage return (CR) and/or line feed (LF) characters.
- Parameters:
validator
- The HTTP header name validator to use.- Returns:
- The new builder.
-
withValueValidation
public DefaultHttpHeadersFactory withValueValidation(boolean validation)
Create a new builder that has HTTP header value validation enabled or disabled.Warning! Setting
validation
tofalse
will mean that Netty won't validate & protect against user-supplied headers that are malicious. This can leave your server implementation vulnerable to CWE-113: Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Response Splitting') . When disabling this validation, it is the responsibility of the caller to ensure that the values supplied do not contain a non-url-escaped carriage return (CR) and/or line feed (LF) characters.- Parameters:
validation
- If validation should be enabled or disabled.- Returns:
- The new builder.
-
withValueValidator
public DefaultHttpHeadersFactory withValueValidator(DefaultHeaders.ValueValidator<java.lang.CharSequence> validator)
Create a new builder that with the givenDefaultHeaders.ValueValidator
.Warning! If the given validator does not check that the header values are standards compliant, Netty won't validate & protect against user-supplied headers that are malicious. This can leave your server implementation vulnerable to CWE-113: Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Response Splitting') . When disabling this validation, it is the responsibility of the caller to ensure that the values supplied do not contain a non-url-escaped carriage return (CR) and/or line feed (LF) characters.
- Parameters:
validator
- The HTTP header name validator to use.- Returns:
- The new builder.
-
withValidation
public DefaultHttpHeadersFactory withValidation(boolean validation)
Create a new builder that has HTTP header validation enabled or disabled.Warning! Setting
validation
tofalse
will mean that Netty won't validate & protect against user-supplied headers that are malicious. This can leave your server implementation vulnerable to CWE-113: Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Response Splitting') . When disabling this validation, it is the responsibility of the caller to ensure that the values supplied do not contain a non-url-escaped carriage return (CR) and/or line feed (LF) characters.- Parameters:
validation
- If validation should be enabled or disabled.- Returns:
- The new builder.
-
withCombiningHeaders
public DefaultHttpHeadersFactory withCombiningHeaders(boolean combiningHeaders)
Create a new builder that will buildHttpHeaders
objects that either combine multi-valued headers, or not.- Parameters:
combiningHeaders
-true
if multi-valued headers should be combined, otherwisefalse
.- Returns:
- The new builder.
-
getNameValidator
public DefaultHeaders.NameValidator<java.lang.CharSequence> getNameValidator()
Get the currently configuredDefaultHeaders.NameValidator
.This method will be used by the
newHeaders()
method.- Returns:
- The configured name validator.
-
getValueValidator
public DefaultHeaders.ValueValidator<java.lang.CharSequence> getValueValidator()
Get the currently configuredDefaultHeaders.ValueValidator
.This method will be used by the
newHeaders()
method.- Returns:
- The configured value validator.
-
isCombiningHeaders
public boolean isCombiningHeaders()
Check whether header combining is enabled or not.- Returns:
true
if header value combining is enabled, otherwisefalse
.
-
isValidatingHeaderNames
public boolean isValidatingHeaderNames()
Check whether header name validation is enabled.- Returns:
true
if header name validation is enabled, otherwisefalse
.
-
isValidatingHeaderValues
public boolean isValidatingHeaderValues()
Check whether header value validation is enabled.- Returns:
true
if header value validation is enabled, otherwisefalse
.
-
-