Remove io.netty.http2.validateContentLength SystemProperty (#11561)

Motivation:
io.netty.http2.validateContentLength SystemProperty was added as a way
to opt-out for compabitility for libraries/applications that violated
the RFC's content-length matching requirements [1] but have not yet been
fixed. This SystemProperty has been around for a few months now and it
is assumed these issues have now been addressed in 3rd party code.

[1] https://tools.ietf.org/html/rfc7540#section-8.1.2.6

Modifications:
- Remove the io.netty.http2.validateContentLength SystemProperty,
  preventing folks from opting out of RFC's required content-length
  matching.

Result:
No more escape hatch in H2 for content-length matching enforcement.
This commit is contained in:
Scott Mitchell 2021-08-06 11:02:48 -07:00 committed by GitHub
parent fe7b18ee83
commit a27443df64
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

View File

@ -20,7 +20,6 @@ import io.netty.handler.codec.http.HttpHeaderNames;
import io.netty.handler.codec.http.HttpStatusClass; import io.netty.handler.codec.http.HttpStatusClass;
import io.netty.handler.codec.http.HttpUtil; import io.netty.handler.codec.http.HttpUtil;
import io.netty.handler.codec.http2.Http2Connection.Endpoint; import io.netty.handler.codec.http2.Http2Connection.Endpoint;
import io.netty.util.internal.SystemPropertyUtil;
import io.netty.util.internal.UnstableApi; import io.netty.util.internal.UnstableApi;
import io.netty.util.internal.logging.InternalLogger; import io.netty.util.internal.logging.InternalLogger;
import io.netty.util.internal.logging.InternalLoggerFactory; import io.netty.util.internal.logging.InternalLoggerFactory;
@ -52,8 +51,6 @@ import static java.lang.Math.min;
*/ */
@UnstableApi @UnstableApi
public class DefaultHttp2ConnectionDecoder implements Http2ConnectionDecoder { public class DefaultHttp2ConnectionDecoder implements Http2ConnectionDecoder {
private static final boolean VALIDATE_CONTENT_LENGTH =
SystemPropertyUtil.getBoolean("io.netty.http2.validateContentLength", true);
private static final InternalLogger logger = InternalLoggerFactory.getInstance(DefaultHttp2ConnectionDecoder.class); private static final InternalLogger logger = InternalLoggerFactory.getInstance(DefaultHttp2ConnectionDecoder.class);
private Http2FrameListener internalFrameListener = new PrefaceFrameListener(); private Http2FrameListener internalFrameListener = new PrefaceFrameListener();
private final Http2Connection connection; private final Http2Connection connection;
@ -232,9 +229,6 @@ public class DefaultHttp2ConnectionDecoder implements Http2ConnectionDecoder {
// See https://tools.ietf.org/html/rfc7540#section-8.1.2.6 // See https://tools.ietf.org/html/rfc7540#section-8.1.2.6
private void verifyContentLength(Http2Stream stream, int data, boolean isEnd) throws Http2Exception { private void verifyContentLength(Http2Stream stream, int data, boolean isEnd) throws Http2Exception {
if (!VALIDATE_CONTENT_LENGTH) {
return;
}
ContentLength contentLength = stream.getProperty(contentLengthKey); ContentLength contentLength = stream.getProperty(contentLengthKey);
if (contentLength != null) { if (contentLength != null) {
try { try {