Don't override HOST header if provided by user already in WebSocketClientHandshaker (#10104)
Motivation: The user may need to provide a specific HOST header. We should not override it when specified during handshake. Modifications: Check if a custom HOST header is already provided by the user and if so dont override it Result: Fixes https://github.com/netty/netty/issues/10101
This commit is contained in:
Norman Maurer
GitHub
parent
e4af5c3631
commit
260540b25a
@ -218,12 +218,19 @@ public class WebSocketClientHandshaker07 extends WebSocketClientHandshaker {
|
|||||||
|
|
||||||
if (customHeaders != null) {
|
if (customHeaders != null) {
|
||||||
headers.add(customHeaders);
|
headers.add(customHeaders);
|
||||||
|
if (!headers.contains(HttpHeaderNames.HOST)) {
|
||||||
|
// Only add HOST header if customHeaders did not contain it.
|
||||||
|
//
|
||||||
|
// See https://github.com/netty/netty/issues/10101
|
||||||
|
headers.set(HttpHeaderNames.HOST, websocketHostValue(wsURL));
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
headers.set(HttpHeaderNames.HOST, websocketHostValue(wsURL));
|
||||||
}
|
}
|
||||||
|
|
||||||
headers.set(HttpHeaderNames.UPGRADE, HttpHeaderValues.WEBSOCKET)
|
headers.set(HttpHeaderNames.UPGRADE, HttpHeaderValues.WEBSOCKET)
|
||||||
.set(HttpHeaderNames.CONNECTION, HttpHeaderValues.UPGRADE)
|
.set(HttpHeaderNames.CONNECTION, HttpHeaderValues.UPGRADE)
|
||||||
.set(HttpHeaderNames.SEC_WEBSOCKET_KEY, key)
|
.set(HttpHeaderNames.SEC_WEBSOCKET_KEY, key);
|
||||||
.set(HttpHeaderNames.HOST, websocketHostValue(wsURL));
|
|
||||||
|
|
||||||
if (!headers.contains(HttpHeaderNames.SEC_WEBSOCKET_ORIGIN)) {
|
if (!headers.contains(HttpHeaderNames.SEC_WEBSOCKET_ORIGIN)) {
|
||||||
headers.set(HttpHeaderNames.SEC_WEBSOCKET_ORIGIN, websocketOriginValue(wsURL));
|
headers.set(HttpHeaderNames.SEC_WEBSOCKET_ORIGIN, websocketOriginValue(wsURL));
|
||||||
|
|||||||
@ -220,12 +220,19 @@ public class WebSocketClientHandshaker08 extends WebSocketClientHandshaker {
|
|||||||
|
|
||||||
if (customHeaders != null) {
|
if (customHeaders != null) {
|
||||||
headers.add(customHeaders);
|
headers.add(customHeaders);
|
||||||
|
if (!headers.contains(HttpHeaderNames.HOST)) {
|
||||||
|
// Only add HOST header if customHeaders did not contain it.
|
||||||
|
//
|
||||||
|
// See https://github.com/netty/netty/issues/10101
|
||||||
|
headers.set(HttpHeaderNames.HOST, websocketHostValue(wsURL));
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
headers.set(HttpHeaderNames.HOST, websocketHostValue(wsURL));
|
||||||
}
|
}
|
||||||
|
|
||||||
headers.set(HttpHeaderNames.UPGRADE, HttpHeaderValues.WEBSOCKET)
|
headers.set(HttpHeaderNames.UPGRADE, HttpHeaderValues.WEBSOCKET)
|
||||||
.set(HttpHeaderNames.CONNECTION, HttpHeaderValues.UPGRADE)
|
.set(HttpHeaderNames.CONNECTION, HttpHeaderValues.UPGRADE)
|
||||||
.set(HttpHeaderNames.SEC_WEBSOCKET_KEY, key)
|
.set(HttpHeaderNames.SEC_WEBSOCKET_KEY, key);
|
||||||
.set(HttpHeaderNames.HOST, websocketHostValue(wsURL));
|
|
||||||
|
|
||||||
if (!headers.contains(HttpHeaderNames.SEC_WEBSOCKET_ORIGIN)) {
|
if (!headers.contains(HttpHeaderNames.SEC_WEBSOCKET_ORIGIN)) {
|
||||||
headers.set(HttpHeaderNames.SEC_WEBSOCKET_ORIGIN, websocketOriginValue(wsURL));
|
headers.set(HttpHeaderNames.SEC_WEBSOCKET_ORIGIN, websocketOriginValue(wsURL));
|
||||||
|
|||||||
@ -221,12 +221,19 @@ public class WebSocketClientHandshaker13 extends WebSocketClientHandshaker {
|
|||||||
|
|
||||||
if (customHeaders != null) {
|
if (customHeaders != null) {
|
||||||
headers.add(customHeaders);
|
headers.add(customHeaders);
|
||||||
|
if (!headers.contains(HttpHeaderNames.HOST)) {
|
||||||
|
// Only add HOST header if customHeaders did not contain it.
|
||||||
|
//
|
||||||
|
// See https://github.com/netty/netty/issues/10101
|
||||||
|
headers.set(HttpHeaderNames.HOST, websocketHostValue(wsURL));
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
headers.set(HttpHeaderNames.HOST, websocketHostValue(wsURL));
|
||||||
}
|
}
|
||||||
|
|
||||||
headers.set(HttpHeaderNames.UPGRADE, HttpHeaderValues.WEBSOCKET)
|
headers.set(HttpHeaderNames.UPGRADE, HttpHeaderValues.WEBSOCKET)
|
||||||
.set(HttpHeaderNames.CONNECTION, HttpHeaderValues.UPGRADE)
|
.set(HttpHeaderNames.CONNECTION, HttpHeaderValues.UPGRADE)
|
||||||
.set(HttpHeaderNames.SEC_WEBSOCKET_KEY, key)
|
.set(HttpHeaderNames.SEC_WEBSOCKET_KEY, key);
|
||||||
.set(HttpHeaderNames.HOST, websocketHostValue(wsURL));
|
|
||||||
|
|
||||||
if (!headers.contains(HttpHeaderNames.ORIGIN)) {
|
if (!headers.contains(HttpHeaderNames.ORIGIN)) {
|
||||||
headers.set(HttpHeaderNames.ORIGIN, websocketOriginValue(wsURL));
|
headers.set(HttpHeaderNames.ORIGIN, websocketOriginValue(wsURL));
|
||||||
|
|||||||
@ -15,12 +15,33 @@
|
|||||||
*/
|
*/
|
||||||
package io.netty.handler.codec.http.websocketx;
|
package io.netty.handler.codec.http.websocketx;
|
||||||
|
|
||||||
|
import io.netty.handler.codec.http.DefaultHttpHeaders;
|
||||||
|
import io.netty.handler.codec.http.FullHttpRequest;
|
||||||
import io.netty.handler.codec.http.HttpHeaderNames;
|
import io.netty.handler.codec.http.HttpHeaderNames;
|
||||||
import io.netty.handler.codec.http.HttpHeaders;
|
import io.netty.handler.codec.http.HttpHeaders;
|
||||||
|
import org.junit.Test;
|
||||||
|
|
||||||
import java.net.URI;
|
import java.net.URI;
|
||||||
|
|
||||||
|
import static org.junit.Assert.assertEquals;
|
||||||
|
|
||||||
public class WebSocketClientHandshaker07Test extends WebSocketClientHandshakerTest {
|
public class WebSocketClientHandshaker07Test extends WebSocketClientHandshakerTest {
|
||||||
|
|
||||||
|
@Test
|
||||||
|
public void testHostHeaderPreserved() {
|
||||||
|
URI uri = URI.create("ws://localhost:9999");
|
||||||
|
WebSocketClientHandshaker handshaker = newHandshaker(uri, null,
|
||||||
|
new DefaultHttpHeaders().set(HttpHeaderNames.HOST, "test.netty.io"), false);
|
||||||
|
|
||||||
|
FullHttpRequest request = handshaker.newHandshakeRequest();
|
||||||
|
try {
|
||||||
|
assertEquals("/", request.uri());
|
||||||
|
assertEquals("test.netty.io", request.headers().get(HttpHeaderNames.HOST));
|
||||||
|
} finally {
|
||||||
|
request.release();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
protected WebSocketClientHandshaker newHandshaker(URI uri, String subprotocol, HttpHeaders headers,
|
protected WebSocketClientHandshaker newHandshaker(URI uri, String subprotocol, HttpHeaders headers,
|
||||||
boolean absoluteUpgradeUrl) {
|
boolean absoluteUpgradeUrl) {
|
||||||
|
|||||||
@ -364,7 +364,9 @@ public abstract class WebSocketClientHandshakerTest {
|
|||||||
|
|
||||||
// add values for the headers that are reserved for use in the websockets handshake
|
// add values for the headers that are reserved for use in the websockets handshake
|
||||||
for (CharSequence header : getHandshakeRequiredHeaderNames()) {
|
for (CharSequence header : getHandshakeRequiredHeaderNames()) {
|
||||||
inputHeaders.add(header, bogusHeaderValue);
|
if (!HttpHeaderNames.HOST.equals(header)) {
|
||||||
|
inputHeaders.add(header, bogusHeaderValue);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
inputHeaders.add(getProtocolHeaderName(), bogusSubProtocol);
|
inputHeaders.add(getProtocolHeaderName(), bogusSubProtocol);
|
||||||
|
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user