netty5

History

Bennett Lynch 6290346246 Remove "Content-Length" when decoding HTTP/1.1 message with both "Tra… (#10003 ) Motivation As part of a recent commit for issue https://github.com/netty/netty/issues/9861 the HttpObjectDecoder was changed to throw an IllegalArgumentException (and produce a failed decoder result) when decoding a message with both "Transfer-Encoding: chunked" and "Content-Length". While it seems correct for Netty to try to sanitize these types of messages, the spec explicitly mentions that the Content-Length header should be removed in this scenario. Both Nginx 1.15.9 and Tomcat 9.0.31 also opt to remove the header: `b693d7c198/java/org/apache/coyote/http11/Http11Processor.java (L747-L755)` `0ad4393e30/src/http/ngx_http_request.c (L1946-L1953)` Modifications * Change the default behavior from throwing an IllegalArgumentException to removing the "Content-Length" header * Extract the behavior to a new protected method, handleChunkedEncodingWithContentLength(), that can be overridden to change this behavior (or capture metrics) Result Messages of this nature will now be successfully decoded and have their "Content-Length" header removed, rather than creating invalid messages (decoder result failures). Users will be allowed to override and configure this behavior.	2020-02-10 10:41:57 +01:00
..
src	Remove "Content-Length" when decoding HTTP/1.1 message with both "Tra… (#10003 )	2020-02-10 10:41:57 +01:00
pom.xml	[maven-release-plugin] prepare for next development iteration	2020-01-13 09:13:53 +00:00

Bennett Lynch 6290346246 Remove "Content-Length" when decoding HTTP/1.1 message with both "Tra… (#10003 )

Motivation

As part of a recent commit for issue
https://github.com/netty/netty/issues/9861 the HttpObjectDecoder was
changed to throw an IllegalArgumentException (and produce a failed
decoder result) when decoding a message with both "Transfer-Encoding:
chunked" and "Content-Length".

While it seems correct for Netty to try to sanitize these types of
messages, the spec explicitly mentions that the Content-Length header
should be *removed* in this scenario.

Both Nginx 1.15.9 and Tomcat 9.0.31 also opt to remove the header:
b693d7c198/java/org/apache/coyote/http11/Http11Processor.java (L747-L755)
0ad4393e30/src/http/ngx_http_request.c (L1946-L1953)

Modifications

* Change the default behavior from throwing an IllegalArgumentException
to removing the "Content-Length" header
* Extract the behavior to a new protected method,
handleChunkedEncodingWithContentLength(), that can be overridden to
change this behavior (or capture metrics)

Result

Messages of this nature will now be successfully decoded and have their
"Content-Length" header removed, rather than creating invalid messages
(decoder result failures). Users will be allowed to override and
configure this behavior.

2020-02-10 10:41:57 +01:00

src Remove "Content-Length" when decoding HTTP/1.1 message with both "Tra… (#10003 ) 2020-02-10 10:41:57 +01:00

pom.xml [maven-release-plugin] prepare for next development iteration 2020-01-13 09:13:53 +00:00