Class HttpHeaderValidationUtil

java.lang.Object
io.netty.handler.codec.http.HttpHeaderValidationUtil

@UnstableApi public final class HttpHeaderValidationUtil extends Object
Functions used to perform various validations of HTTP header names and values.
  • Field Details

    • TOKEN_CHARS_HIGH

      private static final long TOKEN_CHARS_HIGH
    • TOKEN_CHARS_LOW

      private static final long TOKEN_CHARS_LOW
  • Constructor Details

    • HttpHeaderValidationUtil

      private HttpHeaderValidationUtil()
  • Method Details

    • isConnectionHeader

      public static boolean isConnectionHeader(CharSequence name, boolean ignoreTeHeader)
      Check if a header name is "connection related".

      The RFC9110 only specify an incomplete list of the following headers:

      • Connection
      • Proxy-Connection
      • Keep-Alive
      • TE
      • Transfer-Encoding
      • Upgrade
      Parameters:
      name - the name of the header to check. The check is case-insensitive.
      ignoreTeHeader - true if the TE header should be ignored by this check. This is relevant for HTTP/2 header validation, where the TE header has special rules.
      Returns:
      true if the given header name is one of the specified connection-related headers.
    • isTeNotTrailers

      public static boolean isTeNotTrailers(CharSequence name, CharSequence value)
      If the given header is HttpHeaderNames.TE and the given header value is not HttpHeaderValues.TRAILERS, then return true. Otherwie, false.

      The string comparisons are case-insensitive.

      This check is important for HTTP/2 header validation.

      Parameters:
      name - the header name to check if it is TE or not.
      value - the header value to check if it is something other than TRAILERS.
      Returns:
      true only if the header name is TE, and the header value is not TRAILERS. Otherwise, false.
    • validateValidHeaderValue

      public static int validateValidHeaderValue(CharSequence value)
      Validate the given HTTP header value by searching for any illegal characters.
      Parameters:
      value - the HTTP header value to validate.
      Returns:
      the index of the first illegal character found, or -1 if there are none and the header value is valid.
    • verifyValidHeaderValueAsciiString

      private static int verifyValidHeaderValueAsciiString(AsciiString value)
    • verifyValidHeaderValueCharSequence

      private static int verifyValidHeaderValueCharSequence(CharSequence value)
    • validateToken

      public static int validateToken(CharSequence token)
      Validate a token contains only allowed characters.

      The token format is used for variety of HTTP components, like cookie-name, field-name of a header-field, or request method.

      Parameters:
      token - the token to validate.
      Returns:
      the index of the first invalid token character found, or -1 if there are none.
    • validateAsciiStringToken

      private static int validateAsciiStringToken(AsciiString token)
      Validate that an AsciiString contain onlu valid token characters.
      Parameters:
      token - the ascii string to validate.
    • validateCharSequenceToken

      private static int validateCharSequenceToken(CharSequence token)
      Validate that a CharSequence contain onlu valid token characters.
      Parameters:
      token - the character sequence to validate.