Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

8255244: HttpClient: Response headers contain incorrectly encoded Unicode characters #1169

Closed
wants to merge 1 commit into from
Closed

8255244: HttpClient: Response headers contain incorrectly encoded Unicode characters #1169

wants to merge 1 commit into from

Conversation

dfuch
Copy link
Member

@dfuch dfuch commented Nov 11, 2020
edited by openjdk bot

The HTTP/1.1 Header Parser of the new HttpClient currently assumes that all headers (names and value) are US-ASCII and as a result mis-decode any byte whose value is > 127; For instance, 0x80 (128) gets decoded as a U+FF80 (65408) instead of being either rejected or decoded as U+0080.

Historically, HTTP has allowed field content with text in the ISO-8859-1 charset. The ISO-8859-1 charset is also supported by HttpURLConnection.

We could decide to reject responses whose headers contain non US-ASCII characters out of hand, but for compatibility reasons, it seems preferable to interpret and accept any byte > 127 in header values as an ISO-8859-1 (Latin 1) character.
For backward compatibility, this change proposes to update the HTTP/1.1 Header Parser to support ISO-8859-1 encoding.
The HTTP/1.1 Header Parser will now apply the same validation than is already applied by the HTTP/2 stack.

Progress

  • Change must not contain extraneous whitespace
  • Commit message must refer to an issue
  • Change must be properly reviewed

Testing

Linux x64 Linux x86 Windows x64 macOS x64
Build ✔️ (5/5 passed) ✔️ (2/2 passed) ✔️ (2/2 passed) ✔️ (2/2 passed)
Test (tier1) ✔️ (9/9 passed) ✔️ (9/9 passed) ✔️ (9/9 passed) ✔️ (9/9 passed)

Issue

  • JDK-8255244: HttpClient: Response headers contain incorrectly encoded Unicode characters

Reviewers

Download

$ git fetch https://git.openjdk.java.net/jdk pull/1169/head:pull/1169
$ git checkout pull/1169

@dfuch
8255244: HttpClient: Response headers contain incorrectly encoded Uni…
6cf5908 
…code characters

The HTTP/1.1 Header Parser is updated to support ISO-8859-1 encoding for backward compatibility,
in conformance with RFC 7230.
@bridgekeeper
Copy link

bridgekeeper bot commented Nov 11, 2020

👋 Welcome back dfuchs! A progress list of the required criteria for merging this PR into master will be added to the body of your pull request. There are additional pull request commands available for use with this pull request.

@openjdk openjdk bot added the rfr Pull request is ready for review label Nov 11, 2020
@openjdk
Copy link

openjdk bot commented Nov 11, 2020

@dfuch The following label will be automatically applied to this pull request:

  • net

When this pull request is ready to be reviewed, an "RFR" email will be sent to the corresponding mailing list. If you would like to change these labels, use the /label pull request command.

@openjdk openjdk bot added the net net-dev@openjdk.org label Nov 11, 2020
@mlbridge
Copy link

mlbridge bot commented Nov 11, 2020

Webrevs

@openjdk
Copy link

openjdk bot commented Nov 13, 2020
edited

@dfuch This change now passes all automated pre-integration checks.

ℹ️ This project also has non-automated pre-integration requirements. Please see the file CONTRIBUTING.md for details.

After integration, the commit message for the final commit will be:

8255244: HttpClient: Response headers contain incorrectly encoded Unicode characters

Reviewed-by: chegar, michaelm

You can use pull request commands such as /summary, /contributor and /issue to adjust it as needed.

At the time when this comment was updated there had been 37 new commits pushed to the master branch:

  • 56ea786: 8245215: Obsolete InitialBootClassLoaderMetaspaceSize and UseLargePagesInMetaspace
  • e9956fe: 8256127: Add cross-compiled foreign architectures builds to submit workflow
  • c8dd0b5: 8256320: ZGC: Update zDebug to support UseCompressedClassPointers
  • 5973e91: 8253005: Add @throws IOException in javadoc for HttpEchange.sendResponseHeaders
  • 8c31bd2: 8256275: Optimized build is broken
  • b0c28fa: 8256011: Shenandoah: Don't resurrect finalizably reachable objects
  • 41139e3: 8255964: Add all details to jstack log in jtreg timeout handler
  • b4d0186: 8253525: Implement getInstanceSize/sizeOf intrinsics
  • ea576dd: 8254887: C2: assert(cl->trip_count() > 0) failed: peeling a fully unrolled loop
  • 05b8245: 8256290: javac/lambda/T8031967.java fails with StackOverflowError on x86_32
  • ... and 27 more: https://git.openjdk.java.net/jdk/compare/6247736fc9dedf60881639b768be68a2de8bd981...master

As there are no conflicts, your changes will automatically be rebased on top of these commits when integrating. If you prefer to avoid this automatic rebasing, please check the documentation for the /integrate command for further details.

➡️ To integrate this PR with the above commit message to the master branch, type /integrate in a new comment.

@openjdk openjdk bot added the ready Pull request is ready to be integrated label Nov 13, 2020
Michael-Mc-Mahon
Michael-Mc-Mahon approved these changes Nov 13, 2020
View reviewed changes
Copy link
Member

@Michael-Mc-Mahon Michael-Mc-Mahon left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@dfuch
Copy link
Member Author

dfuch commented Nov 13, 2020

/integrate

@openjdk openjdk bot closed this Nov 13, 2020
@openjdk openjdk bot added integrated Pull request has been integrated and removed ready Pull request is ready to be integrated rfr Pull request is ready for review labels Nov 13, 2020
@openjdk
Copy link

openjdk bot commented Nov 13, 2020

@dfuch Since your change was applied there have been 37 commits pushed to the master branch:

  • 56ea786: 8245215: Obsolete InitialBootClassLoaderMetaspaceSize and UseLargePagesInMetaspace
  • e9956fe: 8256127: Add cross-compiled foreign architectures builds to submit workflow
  • c8dd0b5: 8256320: ZGC: Update zDebug to support UseCompressedClassPointers
  • 5973e91: 8253005: Add @throws IOException in javadoc for HttpEchange.sendResponseHeaders
  • 8c31bd2: 8256275: Optimized build is broken
  • b0c28fa: 8256011: Shenandoah: Don't resurrect finalizably reachable objects
  • 41139e3: 8255964: Add all details to jstack log in jtreg timeout handler
  • b4d0186: 8253525: Implement getInstanceSize/sizeOf intrinsics
  • ea576dd: 8254887: C2: assert(cl->trip_count() > 0) failed: peeling a fully unrolled loop
  • 05b8245: 8256290: javac/lambda/T8031967.java fails with StackOverflowError on x86_32
  • ... and 27 more: https://git.openjdk.java.net/jdk/compare/6247736fc9dedf60881639b768be68a2de8bd981...master

Your commit was automatically rebased without conflicts.

Pushed as commit 1c47244.

💡 You may see a message that your pull request was closed with unmerged commits. This can be safely ignored.

openjdk-notifier bot referenced this pull request Nov 13, 2020
@dfuch
8255244: HttpClient: Response headers contain incorrectly encoded Uni…
1c47244 
…code characters

Reviewed-by: chegar, michaelm
@dfuch dfuch deleted the iso-8859-1-8255244 branch November 13, 2020 15:13
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ChrisHegarty ChrisHegarty ChrisHegarty approved these changes

@Michael-Mc-Mahon Michael-Mc-Mahon Michael-Mc-Mahon approved these changes

Assignees
No one assigned
Labels
integrated Pull request has been integrated net net-dev@openjdk.org
Milestone
No milestone
3 participants
@dfuch @ChrisHegarty @Michael-Mc-Mahon