Package io.netty.handler.codec.http
Class HttpHeaderValidationUtil
java.lang.Object
io.netty.handler.codec.http.HttpHeaderValidationUtil
Functions used to perform various validations of HTTP header names and values.
-
Nested Class Summary
Nested Classes -
Field Summary
FieldsModifier and TypeFieldDescriptionprivate static final long
private static final long
-
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionstatic boolean
isConnectionHeader
(CharSequence name, boolean ignoreTeHeader) Check if a header name is "connection related".static boolean
isTeNotTrailers
(CharSequence name, CharSequence value) If the given header isHttpHeaderNames.TE
and the given header value is notHttpHeaderValues.TRAILERS
, then returntrue
.private static int
Validate that anAsciiString
contain onlu valid token characters.private static int
Validate that aCharSequence
contain onlu valid token characters.static int
validateToken
(CharSequence token) Validate a token contains only allowed characters.static int
Validate the given HTTP header value by searching for any illegal characters.private static int
private static int
-
Field Details
-
TOKEN_CHARS_HIGH
private static final long TOKEN_CHARS_HIGH -
TOKEN_CHARS_LOW
private static final long TOKEN_CHARS_LOW
-
-
Constructor Details
-
HttpHeaderValidationUtil
private HttpHeaderValidationUtil()
-
-
Method Details
-
isConnectionHeader
Check if a header name is "connection related".The RFC9110 only specify an incomplete list of the following headers:
- Connection
- Proxy-Connection
- Keep-Alive
- TE
- Transfer-Encoding
- Upgrade
- Parameters:
name
- the name of the header to check. The check is case-insensitive.ignoreTeHeader
-true
if the TE header should be ignored by this check. This is relevant for HTTP/2 header validation, where the TE header has special rules.- Returns:
true
if the given header name is one of the specified connection-related headers.
-
isTeNotTrailers
If the given header isHttpHeaderNames.TE
and the given header value is notHttpHeaderValues.TRAILERS
, then returntrue
. Otherwie,false
.The string comparisons are case-insensitive.
This check is important for HTTP/2 header validation.
- Parameters:
name
- the header name to check if it is TE or not.value
- the header value to check if it is something other than TRAILERS.- Returns:
true
only if the header name is TE, and the header value is not TRAILERS. Otherwise,false
.
-
validateValidHeaderValue
Validate the given HTTP header value by searching for any illegal characters.- Parameters:
value
- the HTTP header value to validate.- Returns:
- the index of the first illegal character found, or
-1
if there are none and the header value is valid.
-
verifyValidHeaderValueAsciiString
-
verifyValidHeaderValueCharSequence
-
validateToken
Validate a token contains only allowed characters.The token format is used for variety of HTTP components, like cookie-name, field-name of a header-field, or request method.
- Parameters:
token
- the token to validate.- Returns:
- the index of the first invalid token character found, or
-1
if there are none.
-
validateAsciiStringToken
Validate that anAsciiString
contain onlu valid token characters.- Parameters:
token
- the ascii string to validate.
-
validateCharSequenceToken
Validate that aCharSequence
contain onlu valid token characters.- Parameters:
token
- the character sequence to validate.
-