Class DefaultHttpHeadersFactory
- java.lang.Object
-
- io.netty.handler.codec.http.DefaultHttpHeadersFactory
-
- All Implemented Interfaces:
HttpHeadersFactory
public final class DefaultHttpHeadersFactory extends java.lang.Object implements HttpHeadersFactory
A builder ofHttpHeadersFactory
instances, that itself implementsHttpHeadersFactory
. The builder is immutable, and everywith-
method produce a new, modified instance.The default builder you most likely want to start with is
headersFactory()
.
-
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Modifier and Type Method Description DefaultHeaders.NameValidator<java.lang.CharSequence>
getNameValidator()
Get the currently configuredDefaultHeaders.NameValidator
.DefaultHeaders.ValueValidator<java.lang.CharSequence>
getValueValidator()
Get the currently configuredDefaultHeaders.ValueValidator
.static DefaultHttpHeadersFactory
headersFactory()
Get the default implementation ofHttpHeadersFactory
for creating headers.boolean
isCombiningHeaders()
Check whether header combining is enabled or not.boolean
isValidatingHeaderNames()
Check whether header name validation is enabled.boolean
isValidatingHeaderValues()
Check whether header value validation is enabled.HttpHeaders
newEmptyHeaders()
Create a newHttpHeaders
instance, but sized to be as small an object as possible.HttpHeaders
newHeaders()
Create a newHttpHeaders
instance.static DefaultHttpHeadersFactory
trailersFactory()
Get the default implementation ofHttpHeadersFactory
for creating trailers.DefaultHttpHeadersFactory
withCombiningHeaders(boolean combiningHeaders)
Create a new builder that will buildHttpHeaders
objects that either combine multi-valued headers, or not.DefaultHttpHeadersFactory
withNameValidation(boolean validation)
Create a new builder that has HTTP header name validation enabled or disabled.DefaultHttpHeadersFactory
withNameValidator(DefaultHeaders.NameValidator<java.lang.CharSequence> validator)
Create a new builder that with the givenDefaultHeaders.NameValidator
.DefaultHttpHeadersFactory
withValidation(boolean validation)
Create a new builder that has HTTP header validation enabled or disabled.DefaultHttpHeadersFactory
withValueValidation(boolean validation)
Create a new builder that has HTTP header value validation enabled or disabled.DefaultHttpHeadersFactory
withValueValidator(DefaultHeaders.ValueValidator<java.lang.CharSequence> validator)
Create a new builder that with the givenDefaultHeaders.ValueValidator
.
-
-
-
Method Detail
-
headersFactory
public static DefaultHttpHeadersFactory headersFactory()
Get the default implementation ofHttpHeadersFactory
for creating headers.This
DefaultHttpHeadersFactory
createsHttpHeaders
instances that has the recommended header validation enabled.
-
trailersFactory
public static DefaultHttpHeadersFactory trailersFactory()
Get the default implementation ofHttpHeadersFactory
for creating trailers.This
DefaultHttpHeadersFactory
createsHttpHeaders
instances that has the validation enabled that is recommended for trailers.
-
newHeaders
public HttpHeaders newHeaders()
Description copied from interface:HttpHeadersFactory
Create a newHttpHeaders
instance.- Specified by:
newHeaders
in interfaceHttpHeadersFactory
-
newEmptyHeaders
public HttpHeaders newEmptyHeaders()
Description copied from interface:HttpHeadersFactory
Create a newHttpHeaders
instance, but sized to be as small an object as possible.- Specified by:
newEmptyHeaders
in interfaceHttpHeadersFactory
-
withNameValidation
public DefaultHttpHeadersFactory withNameValidation(boolean validation)
Create a new builder that has HTTP header name validation enabled or disabled.Warning! Setting
validation
tofalse
will mean that Netty won't validate & protect against user-supplied headers that are malicious. This can leave your server implementation vulnerable to CWE-113: Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Response Splitting') . When disabling this validation, it is the responsibility of the caller to ensure that the values supplied do not contain a non-url-escaped carriage return (CR) and/or line feed (LF) characters.- Parameters:
validation
- If validation should be enabled or disabled.- Returns:
- The new builder.
-
withNameValidator
public DefaultHttpHeadersFactory withNameValidator(DefaultHeaders.NameValidator<java.lang.CharSequence> validator)
Create a new builder that with the givenDefaultHeaders.NameValidator
.Warning! If the given validator does not check that the header names are standards compliant, Netty won't validate & protect against user-supplied headers that are malicious. This can leave your server implementation vulnerable to CWE-113: Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Response Splitting') . When disabling this validation, it is the responsibility of the caller to ensure that the values supplied do not contain a non-url-escaped carriage return (CR) and/or line feed (LF) characters.
- Parameters:
validator
- The HTTP header name validator to use.- Returns:
- The new builder.
-
withValueValidation
public DefaultHttpHeadersFactory withValueValidation(boolean validation)
Create a new builder that has HTTP header value validation enabled or disabled.Warning! Setting
validation
tofalse
will mean that Netty won't validate & protect against user-supplied headers that are malicious. This can leave your server implementation vulnerable to CWE-113: Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Response Splitting') . When disabling this validation, it is the responsibility of the caller to ensure that the values supplied do not contain a non-url-escaped carriage return (CR) and/or line feed (LF) characters.- Parameters:
validation
- If validation should be enabled or disabled.- Returns:
- The new builder.
-
withValueValidator
public DefaultHttpHeadersFactory withValueValidator(DefaultHeaders.ValueValidator<java.lang.CharSequence> validator)
Create a new builder that with the givenDefaultHeaders.ValueValidator
.Warning! If the given validator does not check that the header values are standards compliant, Netty won't validate & protect against user-supplied headers that are malicious. This can leave your server implementation vulnerable to CWE-113: Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Response Splitting') . When disabling this validation, it is the responsibility of the caller to ensure that the values supplied do not contain a non-url-escaped carriage return (CR) and/or line feed (LF) characters.
- Parameters:
validator
- The HTTP header name validator to use.- Returns:
- The new builder.
-
withValidation
public DefaultHttpHeadersFactory withValidation(boolean validation)
Create a new builder that has HTTP header validation enabled or disabled.Warning! Setting
validation
tofalse
will mean that Netty won't validate & protect against user-supplied headers that are malicious. This can leave your server implementation vulnerable to CWE-113: Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Response Splitting') . When disabling this validation, it is the responsibility of the caller to ensure that the values supplied do not contain a non-url-escaped carriage return (CR) and/or line feed (LF) characters.- Parameters:
validation
- If validation should be enabled or disabled.- Returns:
- The new builder.
-
withCombiningHeaders
public DefaultHttpHeadersFactory withCombiningHeaders(boolean combiningHeaders)
Create a new builder that will buildHttpHeaders
objects that either combine multi-valued headers, or not.- Parameters:
combiningHeaders
-true
if multi-valued headers should be combined, otherwisefalse
.- Returns:
- The new builder.
-
getNameValidator
public DefaultHeaders.NameValidator<java.lang.CharSequence> getNameValidator()
Get the currently configuredDefaultHeaders.NameValidator
.This method will be used by the
newHeaders()
method.- Returns:
- The configured name validator.
-
getValueValidator
public DefaultHeaders.ValueValidator<java.lang.CharSequence> getValueValidator()
Get the currently configuredDefaultHeaders.ValueValidator
.This method will be used by the
newHeaders()
method.- Returns:
- The configured value validator.
-
isCombiningHeaders
public boolean isCombiningHeaders()
Check whether header combining is enabled or not.- Returns:
true
if header value combining is enabled, otherwisefalse
.
-
isValidatingHeaderNames
public boolean isValidatingHeaderNames()
Check whether header name validation is enabled.- Returns:
true
if header name validation is enabled, otherwisefalse
.
-
isValidatingHeaderValues
public boolean isValidatingHeaderValues()
Check whether header value validation is enabled.- Returns:
true
if header value validation is enabled, otherwisefalse
.
-
-