View Javadoc
1   /*
2    * Copyright 2012 The Netty Project
3    *
4    * The Netty Project licenses this file to you under the Apache License,
5    * version 2.0 (the "License"); you may not use this file except in compliance
6    * with the License. You may obtain a copy of the License at:
7    *
8    *   https://www.apache.org/licenses/LICENSE-2.0
9    *
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
12   * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
13   * License for the specific language governing permissions and limitations
14   * under the License.
15   */
16  package io.netty5.handler.codec.http;
17  
18  import io.netty5.buffer.api.Buffer;
19  import io.netty5.buffer.api.BufferAllocator;
20  import io.netty5.channel.ChannelHandlerContext;
21  import io.netty5.channel.ChannelPipeline;
22  import io.netty5.handler.codec.ByteToMessageDecoder;
23  import io.netty5.handler.codec.DecoderResult;
24  import io.netty5.handler.codec.PrematureChannelClosureException;
25  import io.netty5.handler.codec.TooLongFrameException;
26  import io.netty5.util.ByteProcessor;
27  import io.netty5.util.internal.AppendableCharSequence;
28  
29  import java.util.List;
30  
31  import static io.netty5.util.internal.ObjectUtil.checkPositive;
32  
33  /**
34   * Decodes {@link Buffer}s into {@link HttpMessage}s and
35   * {@link HttpContent}s.
36   *
37   * <h3>Parameters that prevents excessive memory consumption</h3>
38   * <table border="1">
39   * <tr>
40   * <th>Name</th><th>Default value</th><th>Meaning</th>
41   * </tr>
42   * <tr>
43   * <td>{@code maxInitialLineLength}</td>
44   * <td>{@value #DEFAULT_MAX_INITIAL_LINE_LENGTH}</td>
45   * <td>The maximum length of the initial line
46   *     (e.g. {@code "GET / HTTP/1.0"} or {@code "HTTP/1.0 200 OK"})
47   *     If the length of the initial line exceeds this value, a
48   *     {@link TooLongHttpLineException} will be raised.</td>
49   * </tr>
50   * <tr>
51   * <td>{@code maxHeaderSize}</td>
52   * <td>{@value #DEFAULT_MAX_HEADER_SIZE}</td>
53   * <td>The maximum length of all headers.  If the sum of the length of each
54   *     header exceeds this value, a {@link TooLongHttpHeaderException} will be raised.</td>
55   * </tr>
56   * </table>
57   *
58   * <h3>Parameters that control parsing behavior</h3>
59   * <table border="1">
60   * <tr>
61   * <th>Name</th><th>Default value</th><th>Meaning</th>
62   * </tr>
63   * <tr>
64   * <td>{@code allowDuplicateContentLengths}</td>
65   * <td>{@value #DEFAULT_ALLOW_DUPLICATE_CONTENT_LENGTHS}</td>
66   * <td>When set to {@code false}, will reject any messages that contain multiple Content-Length header fields.
67   *     When set to {@code true}, will allow multiple Content-Length headers only if they are all the same decimal value.
68   *     The duplicated field-values will be replaced with a single valid Content-Length field.
69   *     See <a href="https://tools.ietf.org/html/rfc7230#section-3.3.2">RFC 7230, Section 3.3.2</a>.</td>
70   * </tr>
71   * </table>
72   *
73   * <h3>Chunked Content</h3>
74   *
75   * If the content of an HTTP message is greater than {@code maxChunkSize} or
76   * the transfer encoding of the HTTP message is 'chunked', this decoder
77   * generates one {@link HttpMessage} instance and its following
78   * {@link HttpContent}s per single HTTP message to avoid excessive memory
79   * consumption. For example, the following HTTP message:
80   * <pre>
81   * GET / HTTP/1.1
82   * Transfer-Encoding: chunked
83   *
84   * 1a
85   * abcdefghijklmnopqrstuvwxyz
86   * 10
87   * 1234567890abcdef
88   * 0
89   * Content-MD5: ...
90   * <i>[blank line]</i>
91   * </pre>
92   * triggers {@link HttpRequestDecoder} to generate 3 objects:
93   * <ol>
94   * <li>An {@link HttpRequest},</li>
95   * <li>The first {@link HttpContent} whose content is {@code 'abcdefghijklmnopqrstuvwxyz'},</li>
96   * <li>The second {@link LastHttpContent} whose content is {@code '1234567890abcdef'}, which marks
97   * the end of the content.</li>
98   * </ol>
99   *
100  * If you prefer not to handle {@link HttpContent}s by yourself for your
101  * convenience, insert {@link HttpObjectAggregator} after this decoder in the
102  * {@link ChannelPipeline}.  However, please note that your server might not
103  * be as memory efficient as without the aggregator.
104  *
105  * <h3>Extensibility</h3>
106  *
107  * Please note that this decoder is designed to be extended to implement
108  * a protocol derived from HTTP, such as
109  * <a href="https://en.wikipedia.org/wiki/Real_Time_Streaming_Protocol">RTSP</a> and
110  * <a href="https://en.wikipedia.org/wiki/Internet_Content_Adaptation_Protocol">ICAP</a>.
111  * To implement the decoder of such a derived protocol, extend this class and
112  * implement all abstract methods properly.
113  */
114 public abstract class HttpObjectDecoder extends ByteToMessageDecoder {
115     public static final int DEFAULT_MAX_INITIAL_LINE_LENGTH = 4096;
116     public static final int DEFAULT_MAX_HEADER_SIZE = 8192;
117     public static final boolean DEFAULT_CHUNKED_SUPPORTED = true;
118     public static final boolean DEFAULT_VALIDATE_HEADERS = true;
119     public static final int DEFAULT_INITIAL_BUFFER_SIZE = 128;
120     public static final boolean DEFAULT_ALLOW_DUPLICATE_CONTENT_LENGTHS = false;
121 
122     private static final String EMPTY_VALUE = "";
123 
124     private final boolean chunkedSupported;
125     protected final boolean validateHeaders;
126     private final boolean allowDuplicateContentLengths;
127     private final HeaderParser headerParser;
128     private final LineParser lineParser;
129 
130     private HttpMessage message;
131     private long chunkSize;
132     private long contentLength = Long.MIN_VALUE;
133     private volatile boolean resetRequested;
134 
135     // These will be updated by splitHeader(...)
136     private CharSequence name;
137     private CharSequence value;
138 
139     private LastHttpContent<?> trailer;
140 
141     /**
142      * The internal state of {@link HttpObjectDecoder}.
143      * <em>Internal use only</em>.
144      */
145     private enum State {
146         SKIP_CONTROL_CHARS,
147         READ_INITIAL,
148         READ_HEADER,
149         READ_VARIABLE_LENGTH_CONTENT,
150         READ_FIXED_LENGTH_CONTENT,
151         READ_CHUNK_SIZE,
152         READ_CHUNKED_CONTENT,
153         READ_CHUNK_DELIMITER,
154         READ_CHUNK_FOOTER,
155         BAD_MESSAGE,
156         UPGRADED
157     }
158 
159     private State currentState = State.SKIP_CONTROL_CHARS;
160 
161     /**
162      * Creates a new instance with the default
163      * {@code maxInitialLineLength (4096}}, {@code maxHeaderSize (8192)}, and
164      * {@code maxChunkSize (8192)}.
165      */
166     protected HttpObjectDecoder() {
167         this(DEFAULT_MAX_INITIAL_LINE_LENGTH, DEFAULT_MAX_HEADER_SIZE, DEFAULT_CHUNKED_SUPPORTED);
168     }
169 
170     /**
171      * Creates a new instance with the specified parameters.
172      */
173     protected HttpObjectDecoder(
174             int maxInitialLineLength, int maxHeaderSize, boolean chunkedSupported) {
175         this(maxInitialLineLength, maxHeaderSize, chunkedSupported, DEFAULT_VALIDATE_HEADERS);
176     }
177 
178     /**
179      * Creates a new instance with the specified parameters.
180      */
181     protected HttpObjectDecoder(
182             int maxInitialLineLength, int maxHeaderSize,
183             boolean chunkedSupported, boolean validateHeaders) {
184         this(maxInitialLineLength, maxHeaderSize, chunkedSupported, validateHeaders, DEFAULT_INITIAL_BUFFER_SIZE);
185     }
186 
187     /**
188      * Creates a new instance with the specified parameters.
189      */
190     protected HttpObjectDecoder(
191             int maxInitialLineLength, int maxHeaderSize,
192             boolean chunkedSupported, boolean validateHeaders, int initialBufferSize) {
193         this(maxInitialLineLength, maxHeaderSize, chunkedSupported, validateHeaders, initialBufferSize,
194              DEFAULT_ALLOW_DUPLICATE_CONTENT_LENGTHS);
195     }
196 
197     protected HttpObjectDecoder(
198             int maxInitialLineLength, int maxHeaderSize,
199             boolean chunkedSupported, boolean validateHeaders, int initialBufferSize,
200             boolean allowDuplicateContentLengths) {
201         checkPositive(maxInitialLineLength, "maxInitialLineLength");
202         checkPositive(maxHeaderSize, "maxHeaderSize");
203         AppendableCharSequence seq = new AppendableCharSequence(initialBufferSize);
204         lineParser = new LineParser(seq, maxInitialLineLength);
205         headerParser = new HeaderParser(seq, maxHeaderSize);
206         this.chunkedSupported = chunkedSupported;
207         this.validateHeaders = validateHeaders;
208         this.allowDuplicateContentLengths = allowDuplicateContentLengths;
209     }
210 
211     @Override
212     protected void decode(ChannelHandlerContext ctx, Buffer buffer) throws Exception {
213         if (resetRequested) {
214             resetNow();
215         }
216 
217         switch (currentState) {
218         case SKIP_CONTROL_CHARS:
219             // Fall-through
220         case READ_INITIAL: try {
221             AppendableCharSequence line = lineParser.parse(buffer);
222             if (line == null) {
223                 return;
224             }
225             String[] initialLine = splitInitialLine(line);
226             if (initialLine.length < 3) {
227                 // Invalid initial line - ignore.
228                 currentState = State.SKIP_CONTROL_CHARS;
229                 return;
230             }
231 
232             message = createMessage(initialLine);
233             currentState = State.READ_HEADER;
234             // fall-through
235         } catch (Exception e) {
236             ctx.fireChannelRead(invalidMessage(ctx, buffer, e));
237             return;
238         }
239         case READ_HEADER: try {
240             State nextState = readHeaders(buffer);
241             if (nextState == null) {
242                 return;
243             }
244             currentState = nextState;
245             switch (nextState) {
246             case SKIP_CONTROL_CHARS:
247                 // fast-path
248                 // No content is expected.
249                 ctx.fireChannelRead(message);
250                 ctx.fireChannelRead(new EmptyLastHttpContent(ctx.bufferAllocator()));
251                 resetNow();
252                 return;
253             case READ_CHUNK_SIZE:
254                 if (!chunkedSupported) {
255                     throw new IllegalArgumentException("Chunked messages not supported");
256                 }
257                 // Chunked encoding - generate HttpMessage first.  HttpChunks will follow.
258                 ctx.fireChannelRead(message);
259                 return;
260             default:
261                 /*
262                   RFC 7230, 3.3.3 (https://tools.ietf.org/html/rfc7230#section-3.3.3) states that if a
263                   request does not have either a transfer-encoding or a content-length header then the message body
264                   length is 0. However for a response the body length is the number of octets received prior to the
265                   server closing the connection. So we treat this as variable length chunked encoding.
266                  */
267                 long contentLength = contentLength();
268                 if (contentLength == 0 || contentLength == -1 && isDecodingRequest()) {
269                     ctx.fireChannelRead(message);
270                     ctx.fireChannelRead(new EmptyLastHttpContent(ctx.bufferAllocator()));
271                     resetNow();
272                     return;
273                 }
274 
275                 assert nextState == State.READ_FIXED_LENGTH_CONTENT ||
276                         nextState == State.READ_VARIABLE_LENGTH_CONTENT;
277 
278                 ctx.fireChannelRead(message);
279 
280                 if (nextState == State.READ_FIXED_LENGTH_CONTENT) {
281                     // chunkSize will be decreased as the READ_FIXED_LENGTH_CONTENT state reads data chunk by chunk.
282                     chunkSize = contentLength;
283                 }
284 
285                 // We return here, this forces decode to be called again where we will decode the content
286                 return;
287             }
288         } catch (Exception e) {
289             ctx.fireChannelRead(invalidMessage(ctx, buffer, e));
290             return;
291         }
292         case READ_VARIABLE_LENGTH_CONTENT: {
293             // Keep reading data as a chunk until the end of connection is reached.
294             int toRead = buffer.readableBytes();
295             if (toRead > 0) {
296                 Buffer content = buffer.split();
297                 ctx.fireChannelRead(new DefaultHttpContent(content));
298             }
299             return;
300         }
301         case READ_FIXED_LENGTH_CONTENT: {
302             int toRead = buffer.readableBytes();
303 
304             // Check if the buffer is readable first as we use the readable byte count
305             // to create the HttpChunk. This is needed as otherwise we may end up with
306             // create an HttpChunk instance that contains an empty buffer and so is
307             // handled like it is the last HttpChunk.
308             //
309             // See https://github.com/netty/netty/issues/433
310             if (toRead == 0) {
311                 return;
312             }
313 
314             if (toRead > chunkSize) {
315                 toRead = (int) chunkSize;
316             }
317 
318             Buffer content = buffer.readSplit(toRead);
319             chunkSize -= toRead;
320 
321             if (chunkSize == 0) {
322                 // Read all content.
323                 ctx.fireChannelRead(new DefaultLastHttpContent(content, validateHeaders));
324                 resetNow();
325             } else {
326                 ctx.fireChannelRead(new DefaultHttpContent(content));
327             }
328             return;
329         }
330         /*
331           everything else after this point takes care of reading chunked content. basically, read chunk size,
332           read chunk, read and ignore the CRLF and repeat until 0
333          */
334         case READ_CHUNK_SIZE: try {
335             AppendableCharSequence line = lineParser.parse(buffer);
336             if (line == null) {
337                 return;
338             }
339             int chunkSize = getChunkSize(line.toString());
340             this.chunkSize = chunkSize;
341             if (chunkSize == 0) {
342                 currentState = State.READ_CHUNK_FOOTER;
343                 return;
344             }
345             currentState = State.READ_CHUNKED_CONTENT;
346             // fall-through
347         } catch (Exception e) {
348             ctx.fireChannelRead(invalidChunk(ctx.bufferAllocator(), buffer, e));
349             return;
350         }
351         case READ_CHUNKED_CONTENT: {
352             assert chunkSize <= Integer.MAX_VALUE;
353             int toRead = (int) chunkSize;
354             toRead = Math.min(toRead, buffer.readableBytes());
355             if (toRead == 0) {
356                 return;
357             }
358             HttpContent<?> chunk = new DefaultHttpContent(buffer.readSplit(toRead));
359             chunkSize -= toRead;
360 
361             ctx.fireChannelRead(chunk);
362 
363             if (chunkSize != 0) {
364                 return;
365             }
366             currentState = State.READ_CHUNK_DELIMITER;
367             // fall-through
368         }
369         case READ_CHUNK_DELIMITER: {
370             // include LF in the bytes to skip
371             int bytesToSkip = buffer.bytesBefore(HttpConstants.LF) + 1;
372             if (bytesToSkip > 0) {
373                 currentState = State.READ_CHUNK_SIZE;
374                 buffer.skipReadableBytes(bytesToSkip);
375             } else {
376                 buffer.skipReadableBytes(buffer.readableBytes());
377             }
378             return;
379         }
380         case READ_CHUNK_FOOTER: try {
381             LastHttpContent<?> trailer = readTrailingHeaders(ctx.bufferAllocator(), buffer);
382             if (trailer == null) {
383                 return;
384             }
385             ctx.fireChannelRead(trailer);
386             resetNow();
387             return;
388         } catch (Exception e) {
389             ctx.fireChannelRead(invalidChunk(ctx.bufferAllocator(), buffer, e));
390             return;
391         }
392         case BAD_MESSAGE: {
393             // Keep discarding until disconnection.
394             buffer.skipReadableBytes(buffer.readableBytes());
395             break;
396         }
397         case UPGRADED: {
398             int readableBytes = buffer.readableBytes();
399             if (readableBytes > 0) {
400                 // Keep on consuming as otherwise we may trigger an DecoderException,
401                 // other handler will replace this codec with the upgraded protocol codec to
402                 // take the traffic over at some point then.
403                 // See https://github.com/netty/netty/issues/2173
404                 ctx.fireChannelRead(buffer.split());
405             }
406             break;
407         }
408         default:
409             break;
410         }
411     }
412 
413     @Override
414     protected void decodeLast(ChannelHandlerContext ctx, Buffer in) throws Exception {
415         super.decodeLast(ctx, in);
416 
417         if (resetRequested) {
418             // If a reset was requested by decodeLast() we need to do it now otherwise we may produce a
419             // LastHttpContent while there was already one.
420             resetNow();
421         }
422         // Handle the last unfinished message.
423         if (message != null) {
424             boolean chunked = HttpUtil.isTransferEncodingChunked(message);
425             if (currentState == State.READ_VARIABLE_LENGTH_CONTENT && in.readableBytes() == 0 && !chunked) {
426                 // End of connection.
427                 ctx.fireChannelRead(new EmptyLastHttpContent(ctx.bufferAllocator()));
428                 resetNow();
429                 return;
430             }
431 
432             if (currentState == State.READ_HEADER) {
433                 // If we are still in the state of reading headers we need to create a new invalid message that
434                 // signals that the connection was closed before we received the headers.
435                 ctx.fireChannelRead(invalidMessage(ctx, ctx.bufferAllocator().allocate(0),
436                         new PrematureChannelClosureException("Connection closed before received headers")));
437                 resetNow();
438                 return;
439             }
440 
441             // Check if the closure of the connection signifies the end of the content.
442             boolean prematureClosure;
443             if (isDecodingRequest() || chunked) {
444                 // The last request did not wait for a response.
445                 prematureClosure = true;
446             } else {
447                 // Compare the length of the received content and the 'Content-Length' header.
448                 // If the 'Content-Length' header is absent, the length of the content is determined by the end of the
449                 // connection, so it is perfectly fine.
450                 prematureClosure = contentLength() > 0;
451             }
452 
453             if (!prematureClosure) {
454                 ctx.fireChannelRead(new EmptyLastHttpContent(ctx.bufferAllocator()));
455             }
456             resetNow();
457         }
458     }
459 
460     @Override
461     public void channelInboundEvent(ChannelHandlerContext ctx, Object evt) throws Exception {
462         if (evt instanceof HttpExpectationFailedEvent) {
463             switch (currentState) {
464             case READ_FIXED_LENGTH_CONTENT:
465             case READ_VARIABLE_LENGTH_CONTENT:
466             case READ_CHUNK_SIZE:
467                 reset();
468                 break;
469             default:
470                 break;
471             }
472         }
473         super.channelInboundEvent(ctx, evt);
474     }
475 
476     protected boolean isContentAlwaysEmpty(HttpMessage msg) {
477         if (msg instanceof HttpResponse) {
478             HttpResponse res = (HttpResponse) msg;
479             int code = res.status().code();
480             // All 1xx (Informational), 204 (No Content), and 304 (Not Modified) responses do not include
481             // a message body. All other responses do include a message body,
482             // although the body might be of zero length.
483             // https://httpwg.org/specs/rfc7230.html#message.body
484             if (code >= 100 && code < 200) {
485                 return true;
486             }
487 
488             return code == 204 || code == 304;
489         }
490 
491         return false;
492     }
493 
494     /**
495      * Returns true if the server switched to a different protocol than HTTP/1.0 or HTTP/1.1, e.g. HTTP/2 or Websocket.
496      * Returns false if the upgrade happened in a different layer, e.g. upgrade from HTTP/1.1 to HTTP/1.1 over TLS.
497      */
498     protected boolean isSwitchingToNonHttp1Protocol(HttpResponse msg) {
499         if (msg.status().code() != HttpResponseStatus.SWITCHING_PROTOCOLS.code()) {
500             return false;
501         }
502         String newProtocol = msg.headers().get(HttpHeaderNames.UPGRADE);
503         return newProtocol == null ||
504                 !newProtocol.contains(HttpVersion.HTTP_1_0.text()) &&
505                 !newProtocol.contains(HttpVersion.HTTP_1_1.text());
506     }
507 
508     /**
509      * Resets the state of the decoder so that it is ready to decode a new message.
510      * This method is useful for handling a rejected request with {@code Expect: 100-continue} header.
511      */
512     public void reset() {
513         resetRequested = true;
514     }
515 
516     private void resetNow() {
517         HttpMessage message = this.message;
518         this.message = null;
519         name = null;
520         value = null;
521         contentLength = Long.MIN_VALUE;
522         lineParser.reset();
523         headerParser.reset();
524         trailer = null;
525         if (!isDecodingRequest()) {
526             HttpResponse res = (HttpResponse) message;
527             if (res != null && isSwitchingToNonHttp1Protocol(res)) {
528                 currentState = State.UPGRADED;
529                 return;
530             }
531         }
532 
533         resetRequested = false;
534         currentState = State.SKIP_CONTROL_CHARS;
535     }
536 
537     private HttpMessage invalidMessage(ChannelHandlerContext ctx, Buffer in, Exception cause) {
538         currentState = State.BAD_MESSAGE;
539 
540         // Advance the readerIndex so that ByteToMessageDecoder does not complain
541         // when we produced an invalid message without consuming anything.
542         in.skipReadableBytes(in.readableBytes());
543 
544         if (message == null) {
545             message = createInvalidMessage(ctx);
546         }
547         message.setDecoderResult(DecoderResult.failure(cause));
548 
549         HttpMessage ret = message;
550         message = null;
551         return ret;
552     }
553 
554     private HttpContent<?> invalidChunk(BufferAllocator allocator, Buffer in, Exception cause) {
555         currentState = State.BAD_MESSAGE;
556 
557         // Advance the readerIndex so that ByteToMessageDecoder does not complain
558         // when we produced an invalid message without consuming anything.
559         in.skipReadableBytes(in.readableBytes());
560 
561         HttpContent<?> chunk = new DefaultLastHttpContent(allocator.allocate(0));
562         chunk.setDecoderResult(DecoderResult.failure(cause));
563         message = null;
564         trailer = null;
565         return chunk;
566     }
567 
568     private State readHeaders(Buffer buffer) {
569         final HttpMessage message = this.message;
570         final HttpHeaders headers = message.headers();
571 
572         AppendableCharSequence line = headerParser.parse(buffer);
573         if (line == null) {
574             return null;
575         }
576         if (line.length() > 0) {
577             do {
578                 char firstChar = line.charAtUnsafe(0);
579                 if (name != null && (firstChar == ' ' || firstChar == '\t')) {
580                     //please do not make one line from below code
581                     //as it breaks +XX:OptimizeStringConcat optimization
582                     String trimmedLine = line.toString().trim();
583                     String valueStr = String.valueOf(value);
584                     value = valueStr + ' ' + trimmedLine;
585                 } else {
586                     if (name != null) {
587                         headers.add(name, value);
588                     }
589                     splitHeader(line);
590                 }
591 
592                 line = headerParser.parse(buffer);
593                 if (line == null) {
594                     return null;
595                 }
596             } while (line.length() > 0);
597         }
598 
599         // Add the last header.
600         if (name != null) {
601             headers.add(name, value);
602         }
603 
604         // reset name and value fields
605         name = null;
606         value = null;
607 
608         // Done parsing initial line and headers. Set decoder result.
609         HttpMessageDecoderResult decoderResult = new HttpMessageDecoderResult(lineParser.size, headerParser.size);
610         message.setDecoderResult(decoderResult);
611 
612         List<String> contentLengthFields = headers.getAll(HttpHeaderNames.CONTENT_LENGTH);
613         if (!contentLengthFields.isEmpty()) {
614             HttpVersion version = message.protocolVersion();
615             boolean isHttp10OrEarlier = version.majorVersion() < 1 || (version.majorVersion() == 1
616                     && version.minorVersion() == 0);
617             // Guard against multiple Content-Length headers as stated in
618             // https://tools.ietf.org/html/rfc7230#section-3.3.2:
619             contentLength = HttpUtil.normalizeAndGetContentLength(contentLengthFields,
620                     isHttp10OrEarlier, allowDuplicateContentLengths);
621             if (contentLength != -1) {
622                 headers.set(HttpHeaderNames.CONTENT_LENGTH, contentLength);
623             }
624         }
625 
626         if (isContentAlwaysEmpty(message)) {
627             HttpUtil.setTransferEncodingChunked(message, false);
628             return State.SKIP_CONTROL_CHARS;
629         } else if (HttpUtil.isTransferEncodingChunked(message)) {
630             if (!contentLengthFields.isEmpty() && message.protocolVersion() == HttpVersion.HTTP_1_1) {
631                 handleTransferEncodingChunkedWithContentLength(message);
632             }
633             return State.READ_CHUNK_SIZE;
634         } else if (contentLength() >= 0) {
635             return State.READ_FIXED_LENGTH_CONTENT;
636         } else {
637             return State.READ_VARIABLE_LENGTH_CONTENT;
638         }
639     }
640 
641     /**
642      * Invoked when a message with both a "Transfer-Encoding: chunked" and a "Content-Length" header field is detected.
643      * The default behavior is to <i>remove</i> the Content-Length field, but this method could be overridden
644      * to change the behavior (to, e.g., throw an exception and produce an invalid message).
645      * <p>
646      * See: https://tools.ietf.org/html/rfc7230#section-3.3.3
647      * <pre>
648      *     If a message is received with both a Transfer-Encoding and a
649      *     Content-Length header field, the Transfer-Encoding overrides the
650      *     Content-Length.  Such a message might indicate an attempt to
651      *     perform request smuggling (Section 9.5) or response splitting
652      *     (Section 9.4) and ought to be handled as an error.  A sender MUST
653      *     remove the received Content-Length field prior to forwarding such
654      *     a message downstream.
655      * </pre>
656      * Also see:
657      * https://github.com/apache/tomcat/blob/b693d7c1981fa7f51e58bc8c8e72e3fe80b7b773/
658      * java/org/apache/coyote/http11/Http11Processor.java#L747-L755
659      * https://github.com/nginx/nginx/blob/0ad4393e30c119d250415cb769e3d8bc8dce5186/
660      * src/http/ngx_http_request.c#L1946-L1953
661      */
662     protected void handleTransferEncodingChunkedWithContentLength(HttpMessage message) {
663         message.headers().remove(HttpHeaderNames.CONTENT_LENGTH);
664         contentLength = Long.MIN_VALUE;
665     }
666 
667     private long contentLength() {
668         if (contentLength == Long.MIN_VALUE) {
669             contentLength = HttpUtil.getContentLength(message, -1L);
670         }
671         return contentLength;
672     }
673 
674     private LastHttpContent<?> readTrailingHeaders(BufferAllocator allocator, Buffer buffer) {
675         AppendableCharSequence line = headerParser.parse(buffer);
676         if (line == null) {
677             return null;
678         }
679         LastHttpContent<?> trailer = this.trailer;
680         if (line.length() == 0 && trailer == null) {
681             // We have received the empty line which signals the trailer is complete and did not parse any trailers
682             // before. Just return an empty last content to reduce allocations.
683             return new EmptyLastHttpContent(allocator);
684         }
685 
686         CharSequence lastHeader = null;
687         if (trailer == null) {
688             trailer = this.trailer = new DefaultLastHttpContent(allocator.allocate(0), validateHeaders);
689         }
690         while (line.length() > 0) {
691             char firstChar = line.charAtUnsafe(0);
692             if (lastHeader != null && (firstChar == ' ' || firstChar == '\t')) {
693                 List<String> current = trailer.trailingHeaders().getAll(lastHeader);
694                 if (!current.isEmpty()) {
695                     int lastPos = current.size() - 1;
696                     //please do not make one line from below code
697                     //as it breaks +XX:OptimizeStringConcat optimization
698                     String lineTrimmed = line.toString().trim();
699                     String currentLastPos = current.get(lastPos);
700                     current.set(lastPos, currentLastPos + lineTrimmed);
701                 }
702             } else {
703                 splitHeader(line);
704                 CharSequence headerName = name;
705                 if (!HttpHeaderNames.CONTENT_LENGTH.contentEqualsIgnoreCase(headerName) &&
706                         !HttpHeaderNames.TRANSFER_ENCODING.contentEqualsIgnoreCase(headerName) &&
707                         !HttpHeaderNames.TRAILER.contentEqualsIgnoreCase(headerName)) {
708                     trailer.trailingHeaders().add(headerName, value);
709                 }
710                 lastHeader = name;
711                 // reset name and value fields
712                 name = null;
713                 value = null;
714             }
715             line = headerParser.parse(buffer);
716             if (line == null) {
717                 return null;
718             }
719         }
720 
721         this.trailer = null;
722         return trailer;
723     }
724 
725     protected abstract boolean isDecodingRequest();
726     protected abstract HttpMessage createMessage(String[] initialLine) throws Exception;
727     protected abstract HttpMessage createInvalidMessage(ChannelHandlerContext ctx);
728 
729     private static int getChunkSize(String hex) {
730         hex = hex.trim();
731         for (int i = 0; i < hex.length(); i ++) {
732             char c = hex.charAt(i);
733             if (c == ';' || Character.isWhitespace(c) || Character.isISOControl(c)) {
734                 hex = hex.substring(0, i);
735                 break;
736             }
737         }
738 
739         return Integer.parseInt(hex, 16);
740     }
741 
742     private static String[] splitInitialLine(AppendableCharSequence sb) {
743         int aStart;
744         int aEnd;
745         int bStart;
746         int bEnd;
747         int cStart;
748         int cEnd;
749 
750         aStart = findNonSPLenient(sb, 0);
751         aEnd = findSPLenient(sb, aStart);
752 
753         bStart = findNonSPLenient(sb, aEnd);
754         bEnd = findSPLenient(sb, bStart);
755 
756         cStart = findNonSPLenient(sb, bEnd);
757         cEnd = findEndOfString(sb);
758 
759         return new String[] {
760                 sb.subStringUnsafe(aStart, aEnd),
761                 sb.subStringUnsafe(bStart, bEnd),
762                 cStart < cEnd? sb.subStringUnsafe(cStart, cEnd) : "" };
763     }
764 
765     private void splitHeader(AppendableCharSequence sb) {
766         final int length = sb.length();
767         int nameStart;
768         int nameEnd;
769         int colonEnd;
770         int valueStart;
771         int valueEnd;
772 
773         nameStart = findNonWhitespace(sb, 0);
774         for (nameEnd = nameStart; nameEnd < length; nameEnd ++) {
775             char ch = sb.charAtUnsafe(nameEnd);
776             // https://tools.ietf.org/html/rfc7230#section-3.2.4
777             //
778             // No whitespace is allowed between the header field-name and colon. In
779             // the past, differences in the handling of such whitespace have led to
780             // security vulnerabilities in request routing and response handling. A
781             // server MUST reject any received request message that contains
782             // whitespace between a header field-name and colon with a response code
783             // of 400 (Bad Request). A proxy MUST remove any such whitespace from a
784             // response message before forwarding the message downstream.
785             if (ch == ':' ||
786                     // In case of decoding a request we will just continue processing and header validation
787                     // is done in the DefaultHttpHeaders implementation.
788                     //
789                     // In the case of decoding a response we will "skip" the whitespace.
790                     (!isDecodingRequest() && isOWS(ch))) {
791                 break;
792             }
793         }
794 
795         if (nameEnd == length) {
796             // There was no colon present at all.
797             throw new IllegalArgumentException("No colon found");
798         }
799 
800         for (colonEnd = nameEnd; colonEnd < length; colonEnd ++) {
801             if (sb.charAtUnsafe(colonEnd) == ':') {
802                 colonEnd ++;
803                 break;
804             }
805         }
806 
807         name = sb.subStringUnsafe(nameStart, nameEnd);
808         valueStart = findNonWhitespace(sb, colonEnd);
809         if (valueStart == length) {
810             value = EMPTY_VALUE;
811         } else {
812             valueEnd = findEndOfString(sb);
813             value = sb.subStringUnsafe(valueStart, valueEnd);
814         }
815     }
816 
817     private static int findNonSPLenient(AppendableCharSequence sb, int offset) {
818         for (int result = offset; result < sb.length(); ++result) {
819             char c = sb.charAtUnsafe(result);
820             // See https://tools.ietf.org/html/rfc7230#section-3.5
821             if (isSPLenient(c)) {
822                 continue;
823             }
824             if (Character.isWhitespace(c)) {
825                 // Any other whitespace delimiter is invalid
826                 throw new IllegalArgumentException("Invalid separator");
827             }
828             return result;
829         }
830         return sb.length();
831     }
832 
833     private static int findSPLenient(AppendableCharSequence sb, int offset) {
834         for (int result = offset; result < sb.length(); ++result) {
835             if (isSPLenient(sb.charAtUnsafe(result))) {
836                 return result;
837             }
838         }
839         return sb.length();
840     }
841 
842     private static boolean isSPLenient(char c) {
843         // See https://tools.ietf.org/html/rfc7230#section-3.5
844         return c == ' ' || c == (char) 0x09 || c == (char) 0x0B || c == (char) 0x0C || c == (char) 0x0D;
845     }
846 
847     private static int findNonWhitespace(AppendableCharSequence sb, int offset) {
848         for (int result = offset; result < sb.length(); ++result) {
849             char c = sb.charAtUnsafe(result);
850             if (!Character.isWhitespace(c)) {
851                 return result;
852             } else if (!isOWS(c)) {
853                 // Only OWS is supported for whitespace
854                 throw new IllegalArgumentException("Invalid separator, only a single space or horizontal tab allowed," +
855                         " but received a '" + c + "' (0x" + Integer.toHexString(c) + ")");
856             }
857         }
858         return sb.length();
859     }
860 
861     private static int findEndOfString(AppendableCharSequence sb) {
862         for (int result = sb.length() - 1; result > 0; --result) {
863             if (!Character.isWhitespace(sb.charAtUnsafe(result))) {
864                 return result + 1;
865             }
866         }
867         return 0;
868     }
869 
870     private static boolean isOWS(char ch) {
871         return ch == ' ' || ch == (char) 0x09;
872     }
873 
874     private static class HeaderParser implements ByteProcessor {
875         private final AppendableCharSequence seq;
876         private final int maxLength;
877         int size;
878 
879         HeaderParser(AppendableCharSequence seq, int maxLength) {
880             this.seq = seq;
881             this.maxLength = maxLength;
882         }
883 
884         public AppendableCharSequence parse(Buffer buffer) {
885             final int oldSize = size;
886             seq.reset();
887             int i = buffer.openCursor().process(this);
888             if (i == -1) {
889                 size = oldSize;
890                 return null;
891             }
892             buffer.skipReadableBytes(i + 1);
893             return seq;
894         }
895 
896         public void reset() {
897             size = 0;
898         }
899 
900         @Override
901         public boolean process(byte value) {
902             char nextByte = (char) (value & 0xFF);
903             if (nextByte == HttpConstants.LF) {
904                 int len = seq.length();
905                 // Drop CR if we had a CRLF pair
906                 if (len >= 1 && seq.charAtUnsafe(len - 1) == HttpConstants.CR) {
907                     -- size;
908                     seq.setLength(len - 1);
909                 }
910                 return false;
911             }
912 
913             increaseCount();
914 
915             seq.append(nextByte);
916             return true;
917         }
918 
919         protected final void increaseCount() {
920             if (++ size > maxLength) {
921                 // TODO: Respond with Bad Request and discard the traffic
922                 //    or close the connection.
923                 //       No need to notify the upstream handlers - just log.
924                 //       If decoding a response, just throw an exception.
925                 throw newException(maxLength);
926             }
927         }
928 
929         protected TooLongFrameException newException(int maxLength) {
930             return new TooLongHttpHeaderException("HTTP header is larger than " + maxLength + " bytes.");
931         }
932     }
933 
934     private final class LineParser extends HeaderParser {
935 
936         LineParser(AppendableCharSequence seq, int maxLength) {
937             super(seq, maxLength);
938         }
939 
940         @Override
941         public AppendableCharSequence parse(Buffer buffer) {
942             // Suppress a warning because HeaderParser.reset() is supposed to be called
943             reset();    // lgtm[java/subtle-inherited-call]
944             return super.parse(buffer);
945         }
946 
947         @Override
948         public boolean process(byte value) {
949             if (currentState == State.SKIP_CONTROL_CHARS) {
950                 char c = (char) (value & 0xFF);
951                 if (Character.isISOControl(c) || Character.isWhitespace(c)) {
952                     increaseCount();
953                     return true;
954                 }
955                 currentState = State.READ_INITIAL;
956             }
957             return super.process(value);
958         }
959 
960         @Override
961         protected TooLongFrameException newException(int maxLength) {
962             return new TooLongHttpLineException("An HTTP line is larger than " + maxLength + " bytes.");
963         }
964     }
965 }