Package io.netty.handler.codec.http
Class HttpHeaderValidationUtil
java.lang.Object
io.netty.handler.codec.http.HttpHeaderValidationUtil
Functions used to perform various validations of HTTP header names and values.
-
Nested Class Summary
Nested Classes -
Field Summary
FieldsModifier and TypeFieldDescriptionprivate static final longprivate static final long -
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionstatic booleanisConnectionHeader(CharSequence name, boolean ignoreTeHeader) Check if a header name is "connection related".static booleanisTeNotTrailers(CharSequence name, CharSequence value) If the given header isHttpHeaderNames.TEand the given header value is notHttpHeaderValues.TRAILERS, then returntrue.private static intValidate that anAsciiStringcontain onlu valid token characters.private static intValidate that aCharSequencecontain onlu valid token characters.static intvalidateToken(CharSequence token) Validate a token contains only allowed characters.static intValidate the given HTTP header value by searching for any illegal characters.private static intprivate static int
-
Field Details
-
TOKEN_CHARS_HIGH
private static final long TOKEN_CHARS_HIGH -
TOKEN_CHARS_LOW
private static final long TOKEN_CHARS_LOW
-
-
Constructor Details
-
HttpHeaderValidationUtil
private HttpHeaderValidationUtil()
-
-
Method Details
-
isConnectionHeader
Check if a header name is "connection related".The RFC9110 only specify an incomplete list of the following headers:
- Connection
- Proxy-Connection
- Keep-Alive
- TE
- Transfer-Encoding
- Upgrade
- Parameters:
name- the name of the header to check. The check is case-insensitive.ignoreTeHeader-trueif the TE header should be ignored by this check. This is relevant for HTTP/2 header validation, where the TE header has special rules.- Returns:
trueif the given header name is one of the specified connection-related headers.
-
isTeNotTrailers
If the given header isHttpHeaderNames.TEand the given header value is notHttpHeaderValues.TRAILERS, then returntrue. Otherwie,false.The string comparisons are case-insensitive.
This check is important for HTTP/2 header validation.
- Parameters:
name- the header name to check if it is TE or not.value- the header value to check if it is something other than TRAILERS.- Returns:
trueonly if the header name is TE, and the header value is not TRAILERS. Otherwise,false.
-
validateValidHeaderValue
Validate the given HTTP header value by searching for any illegal characters.- Parameters:
value- the HTTP header value to validate.- Returns:
- the index of the first illegal character found, or
-1if there are none and the header value is valid.
-
verifyValidHeaderValueAsciiString
-
verifyValidHeaderValueCharSequence
-
validateToken
Validate a token contains only allowed characters.The token format is used for variety of HTTP components, like cookie-name, field-name of a header-field, or request method.
- Parameters:
token- the token to validate.- Returns:
- the index of the first invalid token character found, or
-1if there are none.
-
validateAsciiStringToken
Validate that anAsciiStringcontain onlu valid token characters.- Parameters:
token- the ascii string to validate.
-
validateCharSequenceToken
Validate that aCharSequencecontain onlu valid token characters.- Parameters:
token- the character sequence to validate.
-