Example 1 with DefaultHttp2ResetFrame
use of io.netty.handler.codec.http2.DefaultHttp2ResetFrame in project zuul by Netflix.
the class Http2ContentLengthEnforcingHandler method channelRead.
/**
* This checks that the content length does what it says, preventing a client from causing Zuul to misinterpret the
* request. Because this class is meant to work in an HTTP/2 setting, the content length and transfer encoding
* checks are more semantics. In particular, this checks:
* <ul>
* <li>No duplicate Content length</li>
* <li>Content Length (if present) must always be greater than or equal to how much content has been seen</li>
* <li>Content Length (if present) must always be equal to how much content has been seen by the end</li>
* <li>Content Length cannot be present along with chunked transfer encoding.</li>
* </ul>
*/
@Override
public void channelRead(ChannelHandlerContext ctx, Object msg) throws Exception {
if (msg instanceof HttpRequest) {
HttpRequest req = (HttpRequest) msg;
List<String> lengthHeaders = req.headers().getAll(HttpHeaderNames.CONTENT_LENGTH);
if (lengthHeaders.size() > 1) {
ctx.writeAndFlush(new DefaultHttp2ResetFrame(Http2Error.PROTOCOL_ERROR));
return;
} else if (lengthHeaders.size() == 1) {
expectedContentLength = Long.parseLong(lengthHeaders.get(0));
if (expectedContentLength < 0) {
// TODO(carl-mastrangelo): this is not right, but meh. Fix this to return a proper 400.
ctx.writeAndFlush(new DefaultHttp2ResetFrame(Http2Error.PROTOCOL_ERROR));
return;
}
}
if (hasContentLength() && HttpUtil.isTransferEncodingChunked(req)) {
// TODO(carl-mastrangelo): this is not right, but meh. Fix this to return a proper 400.
ctx.writeAndFlush(new DefaultHttp2ResetFrame(Http2Error.PROTOCOL_ERROR));
return;
}
}
if (msg instanceof HttpContent) {
ByteBuf content = ((HttpContent) msg).content();
incrementSeenContent(content.readableBytes());
if (hasContentLength() && seenContentLength > expectedContentLength) {
// TODO(carl-mastrangelo): this is not right, but meh. Fix this to return a proper 400.
ctx.writeAndFlush(new DefaultHttp2ResetFrame(Http2Error.PROTOCOL_ERROR));
return;
}
}
if (msg instanceof LastHttpContent) {
if (hasContentLength() && seenContentLength != expectedContentLength) {
// TODO(carl-mastrangelo): this is not right, but meh. Fix this to return a proper 400.
ctx.writeAndFlush(new DefaultHttp2ResetFrame(Http2Error.PROTOCOL_ERROR));
return;
}
}
super.channelRead(ctx, msg);
}
Also used :
HttpRequest(io.netty.handler.codec.http.HttpRequest)
DefaultHttp2ResetFrame(io.netty.handler.codec.http2.DefaultHttp2ResetFrame)
ByteBuf(io.netty.buffer.ByteBuf)
LastHttpContent(io.netty.handler.codec.http.LastHttpContent)
HttpContent(io.netty.handler.codec.http.HttpContent)
LastHttpContent(io.netty.handler.codec.http.LastHttpContent)
Example 2 with DefaultHttp2ResetFrame
use of io.netty.handler.codec.http2.DefaultHttp2ResetFrame in project zuul by Netflix.
the class Http2StreamErrorHandler method exceptionCaught.
@Override
public void exceptionCaught(ChannelHandlerContext ctx, Throwable cause) throws Exception {
if (cause instanceof StreamException) {
StreamException streamEx = (StreamException) cause;
ctx.writeAndFlush(new DefaultHttp2ResetFrame(streamEx.error()));
} else if (cause instanceof DecoderException) {
ctx.writeAndFlush(new DefaultHttp2ResetFrame(Http2Error.PROTOCOL_ERROR));
} else {
super.exceptionCaught(ctx, cause);
}
}
Also used :
DecoderException(io.netty.handler.codec.DecoderException)
DefaultHttp2ResetFrame(io.netty.handler.codec.http2.DefaultHttp2ResetFrame)
Aggregations
DefaultHttp2ResetFrame (io.netty.handler.codec.http2.DefaultHttp2ResetFrame)2
ByteBuf (io.netty.buffer.ByteBuf)1
DecoderException (io.netty.handler.codec.DecoderException)1
HttpContent (io.netty.handler.codec.http.HttpContent)1
HttpRequest (io.netty.handler.codec.http.HttpRequest)1
LastHttpContent (io.netty.handler.codec.http.LastHttpContent)1
