Enable header valication in HttpServerUpgradeHandler (#10643)
Motivation: HttpServerUpgradeHandler takes a list of protocols from an incoming request and uses them for building a response. Although the class does some validation while parsing the list, it then disables HTTP header validation when it builds a responst. The disabled validation may potentially allow HTTP response splitting attacks. Modifications: - Enabled HTTP header validation in HttpServerUpgradeHandler as a defense-in-depth measure to prevent possible HTTP response splitting attacks. - Added a new constructor that allows disabling the validation. Result: HttpServerUpgradeHandler validates incoming protocols before including them into a response. That should prevent possible HTTP response splitting attacks.
This commit is contained in:
parent
30e9b6846d
commit
3e41a7f231
@ -169,6 +169,7 @@ public class HttpServerUpgradeHandler extends HttpObjectAggregator {
|
||||
|
||||
private final SourceCodec sourceCodec;
|
||||
private final UpgradeCodecFactory upgradeCodecFactory;
|
||||
private final boolean validateHeaders;
|
||||
private boolean handlingUpgrade;
|
||||
|
||||
/**
|
||||
@ -199,10 +200,25 @@ public class HttpServerUpgradeHandler extends HttpObjectAggregator {
|
||||
*/
|
||||
public HttpServerUpgradeHandler(
|
||||
SourceCodec sourceCodec, UpgradeCodecFactory upgradeCodecFactory, int maxContentLength) {
|
||||
this(sourceCodec, upgradeCodecFactory, maxContentLength, true);
|
||||
}
|
||||
|
||||
/**
|
||||
* Constructs the upgrader with the supported codecs.
|
||||
*
|
||||
* @param sourceCodec the codec that is being used initially
|
||||
* @param upgradeCodecFactory the factory that creates a new upgrade codec
|
||||
* for one of the requested upgrade protocols
|
||||
* @param maxContentLength the maximum length of the content of an upgrade request
|
||||
* @param validateHeaders validate the header names and values of the upgrade response.
|
||||
*/
|
||||
public HttpServerUpgradeHandler(SourceCodec sourceCodec, UpgradeCodecFactory upgradeCodecFactory,
|
||||
int maxContentLength, boolean validateHeaders) {
|
||||
super(maxContentLength);
|
||||
|
||||
this.sourceCodec = requireNonNull(sourceCodec, "sourceCodec");
|
||||
this.upgradeCodecFactory = requireNonNull(upgradeCodecFactory, "upgradeCodecFactory");
|
||||
this.validateHeaders = validateHeaders;
|
||||
}
|
||||
|
||||
@Override
|
||||
@ -349,9 +365,9 @@ public class HttpServerUpgradeHandler extends HttpObjectAggregator {
|
||||
/**
|
||||
* Creates the 101 Switching Protocols response message.
|
||||
*/
|
||||
private static FullHttpResponse createUpgradeResponse(CharSequence upgradeProtocol) {
|
||||
DefaultFullHttpResponse res = new DefaultFullHttpResponse(HTTP_1_1, SWITCHING_PROTOCOLS,
|
||||
Unpooled.EMPTY_BUFFER, false);
|
||||
private FullHttpResponse createUpgradeResponse(CharSequence upgradeProtocol) {
|
||||
DefaultFullHttpResponse res = new DefaultFullHttpResponse(
|
||||
HTTP_1_1, SWITCHING_PROTOCOLS, Unpooled.EMPTY_BUFFER, validateHeaders);
|
||||
res.headers().add(HttpHeaderNames.CONNECTION, HttpHeaderValues.UPGRADE);
|
||||
res.headers().add(HttpHeaderNames.UPGRADE, upgradeProtocol);
|
||||
return res;
|
||||
|
Loading…
Reference in New Issue
Block a user