Julien Hoarau dd5d4887ed Validate pseudo and conditional HTTP/2 headers (#8619)
Motivation:

Netty HTTP/2 implementation is not 100% compliant to the spec. This
commit improves the compliance regarding headers validation,
in particular pseudo-headers and connection ones.

According to the spec:
   All HTTP/2 requests MUST include exactly one valid value for the
   ":method", ":scheme", and ":path" pseudo-header fields, unless it is
   a CONNECT request (Section 8.3).  An HTTP request that omits
   mandatory pseudo-header fields is malformed (Section 8.1.2.6).

Modifications:

- Introduce Http2HeadersValidator class capable of validating HTTP/2
headers
- Invoke validation from DefaultHttp2ConnectionDecoder#onHeadersRead
- Modify tests to use valid headers when required
- Modify HttpConversionUtil#toHttp2Headers to not add :scheme and
:path header on CONNECT method in order to conform to the spec

Result:

- Initial requests without :method, :path, :scheme will fail
- Initial requests with multiple values for :method, :path, :scheme
will fail
- Initial requests with an empty :path fail
- Requests with connection-specific header field will fail
- Requests with TE header different than "trailers" will fail
-
- Fixes 8.1.2.2 tests from h2spec #5761
- Fixes 8.1.2.3 tests from h2spec #5761
2019-10-27 16:20:18 +01:00

114 lines
3.9 KiB
XML

<?xml version="1.0" encoding="UTF-8"?>
<!--
~ Copyright 2017 The Netty Project
~
~ The Netty Project licenses this file to you under the Apache License,
~ version 2.0 (the "License"); you may not use this file except in compliance
~ with the License. You may obtain a copy of the License at:
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing, software
~ distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
~ WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
~ License for the specific language governing permissions and limitations
~ under the License.
-->
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
<modelVersion>4.0.0</modelVersion>
<parent>
<groupId>io.netty</groupId>
<artifactId>netty-parent</artifactId>
<version>5.0.0.Final-SNAPSHOT</version>
</parent>
<artifactId>netty-testsuite-http2</artifactId>
<packaging>jar</packaging>
<name>Netty/Testsuite/Http2</name>
<properties>
<skipJapicmp>true</skipJapicmp>
</properties>
<dependencies>
<dependency>
<groupId>${project.groupId}</groupId>
<artifactId>netty-common</artifactId>
<version>${project.version}</version>
</dependency>
<dependency>
<groupId>${project.groupId}</groupId>
<artifactId>netty-buffer</artifactId>
<version>${project.version}</version>
</dependency>
<dependency>
<groupId>${project.groupId}</groupId>
<artifactId>netty-transport</artifactId>
<version>${project.version}</version>
</dependency>
<dependency>
<groupId>${project.groupId}</groupId>
<artifactId>netty-handler</artifactId>
<version>${project.version}</version>
</dependency>
<dependency>
<groupId>${project.groupId}</groupId>
<artifactId>netty-codec-http</artifactId>
<version>${project.version}</version>
</dependency>
<dependency>
<groupId>${project.groupId}</groupId>
<artifactId>netty-codec-http2</artifactId>
<version>${project.version}</version>
</dependency>
</dependencies>
<profiles>
<profile>
<id>skipTests</id>
<activation>
<property>
<name>skipTests</name>
</property>
</activation>
<properties>
<skipHttp2Testsuite>true</skipHttp2Testsuite>
</properties>
</profile>
</profiles>
<build>
<plugins>
<plugin>
<groupId>com.github.madgnome</groupId>
<artifactId>h2spec-maven-plugin</artifactId>
<version>0.6</version>
<configuration>
<mainClass>io.netty.testsuite.http2.Http2Server</mainClass>
<excludeSpecs>
<excludeSpec>4.2 - Sends a dynamic table size update at the end of header block</excludeSpec>
<excludeSpec>5.1 - idle: Sends a DATA frame</excludeSpec>
<excludeSpec>5.1 - half closed (remote): Sends a HEADERS frame</excludeSpec>
<excludeSpec>5.1 - closed: Sends a HEADERS frame</excludeSpec>
<excludeSpec>5.1.1 - Sends stream identifier that is numerically smaller than previous</excludeSpec>
<excludeSpec>8.1.2.6 - Sends a HEADERS frame with the "content-length" header field which does not equal the DATA frame payload length</excludeSpec>
<excludeSpec>8.1.2.6 - Sends a HEADERS frame with the "content-length" header field which does not equal the sum of the multiple DATA frames payload length</excludeSpec>
</excludeSpecs>
<skip>${skipHttp2Testsuite}</skip>
</configuration>
<executions>
<execution>
<phase>test</phase>
<goals>
<goal>h2spec</goal>
</goals>
</execution>
</executions>
</plugin>
</plugins>
</build>
</project>