Package io.netty.handler.codec.http

Class HttpDecoderConfig

  • All Implemented Interfaces:
    java.lang.Cloneable
    public final class HttpDecoderConfig
extends java.lang.Object
implements java.lang.Cloneable
    A configuration object for specifying the behaviour of HttpObjectDecoder and its subclasses.

    The HttpDecoderConfig objects are mutable to reduce allocation, but also Cloneable in case a defensive copy is needed.

    • Constructor Detail

      • HttpDecoderConfig

        public HttpDecoderConfig()

    • Method Detail

      • getInitialBufferSize

        public int getInitialBufferSize()

      • setInitialBufferSize

        public HttpDecoderConfig setInitialBufferSize​(int initialBufferSize)
        Set the initial size of the temporary buffer used when parsing the lines of the HTTP headers.
        Parameters:
        initialBufferSize - The buffer size in bytes.
        Returns:
        This decoder config.

      • getMaxInitialLineLength

        public int getMaxInitialLineLength()

      • setMaxInitialLineLength

        public HttpDecoderConfig setMaxInitialLineLength​(int maxInitialLineLength)
        Set the maximum length of the first line of the HTTP header. This limits how much memory Netty will use when parsed the initial HTTP header line. You would typically set this to the same value as setMaxHeaderSize(int).
        Parameters:
        maxInitialLineLength - The maximum length, in bytes.
        Returns:
        This decoder config.

      • getMaxHeaderSize

        public int getMaxHeaderSize()

      • setMaxHeaderSize

        public HttpDecoderConfig setMaxHeaderSize​(int maxHeaderSize)
        Set the maximum line length of header lines. This limits how much memory Netty will use when parsing HTTP header key-value pairs. The limit applies to the sum of all the headers, so it applies equally to many short header-lines, or fewer but longer header lines.

        You would typically set this to the same value as setMaxInitialLineLength(int).

        Parameters:
        maxHeaderSize - The maximum length, in bytes.
        Returns:
        This decoder config.

      • getMaxChunkSize

        public int getMaxChunkSize()

      • setMaxChunkSize

        public HttpDecoderConfig setMaxChunkSize​(int maxChunkSize)
        Set the maximum chunk size. HTTP requests and responses can be quite large, in which case it's better to process the data as a stream of chunks. This sets the limit, in bytes, at which Netty will send a chunk down the pipeline.
        Parameters:
        maxChunkSize - The maximum chunk size, in bytes.
        Returns:
        This decoder config.

      • isChunkedSupported

        public boolean isChunkedSupported()

      • setChunkedSupported

        public HttpDecoderConfig setChunkedSupported​(boolean chunkedSupported)
        Set whether Transfer-Encoding: Chunked should be supported.
        Parameters:
        chunkedSupported - if false, then a Transfer-Encoding: Chunked header will produce an error, instead of a stream of chunks.
        Returns:
        This decoder config.

      • isAllowPartialChunks

        public boolean isAllowPartialChunks()

      • setAllowPartialChunks

        public HttpDecoderConfig setAllowPartialChunks​(boolean allowPartialChunks)
        Set whether chunks can be split into multiple messages, if their chunk size exceeds the size of the input buffer.
        Parameters:
        allowPartialChunks - set to false to only allow sending whole chunks down the pipeline.
        Returns:
        This decoder config.

      • isAllowDuplicateContentLengths

        public boolean isAllowDuplicateContentLengths()

      • setAllowDuplicateContentLengths

        public HttpDecoderConfig setAllowDuplicateContentLengths​(boolean allowDuplicateContentLengths)
        Set whether more than one Content-Length header is allowed. You usually want to disallow this (which is the default) as multiple Content-Length headers can indicate a request- or response-splitting attack.
        Parameters:
        allowDuplicateContentLengths - set to true to allow multiple content length headers.
        Returns:
        This decoder config.

      • setValidateHeaders

        public HttpDecoderConfig setValidateHeaders​(boolean validateHeaders)
        Set whether header validation should be enabled or not. This works by changing the configured header factory and trailer factory.

        You usually want header validation enabled (which is the default) in order to prevent request-/response-splitting attacks.

        Parameters:
        validateHeaders - set to false to disable header validation.
        Returns:
        This decoder config.

      • isStrictLineParsing

        public boolean isStrictLineParsing()

      • setStrictLineParsing

        public HttpDecoderConfig setStrictLineParsing​(boolean strictLineParsing)
        The RFC 9112 specification for the HTTP protocol says that the initial start-line, and the following header field-lines, must be separated by a Carriage Return (CR) and Line Feed (LF) octet pair, but also offers that implementations "MAY" accept just a Line Feed octet as a separator.

        Parsing leniencies can increase compatibility with a wider range of implementations, but can also cause security vulnerabilities, when multiple systems disagree on the meaning of leniently parsed messages.

        When strict line parsing is enabled (true), then Netty will enforce that start- and header field-lines MUST be separated by a CR LF octet pair, and will produce messagas with failed DecoderResults.

        When strict line parsing is disabled (false), then Netty will accept lone LF octets as line seperators for the start- and header field-lines.

        See RFC 9112 Section 2.1.

        Parameters:
        strictLineParsing - Whether strict line parsing should be enabled (true), or not (false).
        Returns:
        This decoder config.

      • clone

        public HttpDecoderConfig clone()
        Overrides:
        clone in class java.lang.Object