Package io.netty.handler.codec.http

Class DefaultHttpHeadersFactory

java.lang.Object
io.netty.handler.codec.http.DefaultHttpHeadersFactory
All Implemented Interfaces:
HttpHeadersFactory
public final class DefaultHttpHeadersFactory extends Object implements HttpHeadersFactory
A builder of HttpHeadersFactory instances, that itself implements HttpHeadersFactory. The builder is immutable, and every with- method produce a new, modified instance.

The default builder you most likely want to start with is headersFactory().

  • Method Details

    • headersFactory

      public static DefaultHttpHeadersFactory headersFactory()
      Get the default implementation of HttpHeadersFactory for creating headers.

      This DefaultHttpHeadersFactory creates HttpHeaders instances that has the recommended header validation enabled.

    • trailersFactory

      public static DefaultHttpHeadersFactory trailersFactory()
      Get the default implementation of HttpHeadersFactory for creating trailers.

      This DefaultHttpHeadersFactory creates HttpHeaders instances that has the validation enabled that is recommended for trailers.

    • newHeaders

      public HttpHeaders newHeaders()
      Description copied from interface: HttpHeadersFactory
      Create a new HttpHeaders instance.
      Specified by:
      newHeaders in interface HttpHeadersFactory

    • newEmptyHeaders

      public HttpHeaders newEmptyHeaders()
      Description copied from interface: HttpHeadersFactory
      Create a new HttpHeaders instance, but sized to be as small an object as possible.
      Specified by:
      newEmptyHeaders in interface HttpHeadersFactory

    • withNameValidation

      public DefaultHttpHeadersFactory withNameValidation(boolean validation)
      Create a new builder that has HTTP header name validation enabled or disabled.

      Warning! Setting validation to false will mean that Netty won't validate invalid input: '&' protect against user-supplied headers that are malicious. This can leave your server implementation vulnerable to CWE-113: Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Response Splitting') . When disabling this validation, it is the responsibility of the caller to ensure that the values supplied do not contain a non-url-escaped carriage return (CR) and/or line feed (LF) characters.

      Parameters:
      validation - If validation should be enabled or disabled.
      Returns:
      The new builder.

    • withNameValidator

      public DefaultHttpHeadersFactory withNameValidator(io.netty.handler.codec.DefaultHeaders.NameValidator<CharSequence> validator)
      Create a new builder that with the given DefaultHeaders.NameValidator.

      Warning! If the given validator does not check that the header names are standards compliant, Netty won't validate invalid input: '&' protect against user-supplied headers that are malicious. This can leave your server implementation vulnerable to CWE-113: Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Response Splitting') . When disabling this validation, it is the responsibility of the caller to ensure that the values supplied do not contain a non-url-escaped carriage return (CR) and/or line feed (LF) characters.

      Parameters:
      validator - The HTTP header name validator to use.
      Returns:
      The new builder.

    • withValueValidation

      public DefaultHttpHeadersFactory withValueValidation(boolean validation)
      Create a new builder that has HTTP header value validation enabled or disabled.

      Warning! Setting validation to false will mean that Netty won't validate invalid input: '&' protect against user-supplied headers that are malicious. This can leave your server implementation vulnerable to CWE-113: Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Response Splitting') . When disabling this validation, it is the responsibility of the caller to ensure that the values supplied do not contain a non-url-escaped carriage return (CR) and/or line feed (LF) characters.

      Parameters:
      validation - If validation should be enabled or disabled.
      Returns:
      The new builder.

    • withValueValidator

      public DefaultHttpHeadersFactory withValueValidator(io.netty.handler.codec.DefaultHeaders.ValueValidator<CharSequence> validator)
      Create a new builder that with the given DefaultHeaders.ValueValidator.

      Warning! If the given validator does not check that the header values are standards compliant, Netty won't validate invalid input: '&' protect against user-supplied headers that are malicious. This can leave your server implementation vulnerable to CWE-113: Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Response Splitting') . When disabling this validation, it is the responsibility of the caller to ensure that the values supplied do not contain a non-url-escaped carriage return (CR) and/or line feed (LF) characters.

      Parameters:
      validator - The HTTP header name validator to use.
      Returns:
      The new builder.

    • withValidation

      public DefaultHttpHeadersFactory withValidation(boolean validation)
      Create a new builder that has HTTP header validation enabled or disabled.

      Warning! Setting validation to false will mean that Netty won't validate invalid input: '&' protect against user-supplied headers that are malicious. This can leave your server implementation vulnerable to CWE-113: Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Response Splitting') . When disabling this validation, it is the responsibility of the caller to ensure that the values supplied do not contain a non-url-escaped carriage return (CR) and/or line feed (LF) characters.

      Parameters:
      validation - If validation should be enabled or disabled.
      Returns:
      The new builder.

    • withCombiningHeaders

      public DefaultHttpHeadersFactory withCombiningHeaders(boolean combiningHeaders)
      Create a new builder that will build HttpHeaders objects that either combine multi-valued headers, or not.
      Parameters:
      combiningHeaders - true if multi-valued headers should be combined, otherwise false.
      Returns:
      The new builder.

    • getNameValidator

      public io.netty.handler.codec.DefaultHeaders.NameValidator<CharSequence> getNameValidator()
      Get the currently configured DefaultHeaders.NameValidator.

      This method will be used by the newHeaders() method.

      Returns:
      The configured name validator.

    • getValueValidator

      public io.netty.handler.codec.DefaultHeaders.ValueValidator<CharSequence> getValueValidator()
      Get the currently configured DefaultHeaders.ValueValidator.

      This method will be used by the newHeaders() method.

      Returns:
      The configured value validator.

    • isCombiningHeaders

      public boolean isCombiningHeaders()
      Check whether header combining is enabled or not.
      Returns:
      true if header value combining is enabled, otherwise false.

    • isValidatingHeaderNames

      public boolean isValidatingHeaderNames()
      Check whether header name validation is enabled.
      Returns:
      true if header name validation is enabled, otherwise false.

    • isValidatingHeaderValues

      public boolean isValidatingHeaderValues()
      Check whether header value validation is enabled.
      Returns:
      true if header value validation is enabled, otherwise false.