-
Notifications
You must be signed in to change notification settings - Fork 28
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Implement RFC-7230 section 5.3.3 #66
Changes from 1 commit
56c19ad
b1ec83f
d7312dd
3d779a3
05d1759
0ce68f0
f0a770d
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -88,16 +88,29 @@ private void writeTo(OutputStream outputStream, boolean newLine) throws IOExcept | |
outputStream.write(method.getBytes(StandardCharsets.US_ASCII)); | ||
outputStream.write(' '); | ||
|
||
String path = uri.getRawPath(); | ||
if (path == null || path.isEmpty()) { | ||
outputStream.write('/'); | ||
//RFC-7230 section 5.3.3 | ||
if ("CONNECT".equalsIgnoreCase(method)) { | ||
String host = uri.getHost(); | ||
int port = uri.getPort(); | ||
assert host != null : "Host is missing from RequestLine uri"; | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. I noticed this library does not use asserts or throws, so curious to hear what the suggestion is here. https://datatracker.ietf.org/doc/html/rfc7230#section-5.3.3 seems to require host to be provided in a CONNECT case There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. host can be null here. The There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Oh, you're about this:
In this case, this shouldn't be an assert, it should be straight out an Exception, because the caller should be notified of the problem. There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Thanks for the suggestion! I'll implement this. There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Looks like the server side also has some "obligations" to make CONNECT work.
To support CONNECT correctly, we would need to do this as well :) . But I can finish the job, just let me know if you can help and how you're using this, so I can understand the use cases. There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. I can take a look. I'm implementing a tunnel solution in java which connects to pomerium. As part of their tcp tunnel implementation, I create a socket and send a CONNECT request to which it replies with a response followed by keeping the socket open and switches over to proxying the streams. So I'm using this library to construct the initial message and parse the response. There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Went through and added move validations and some changes to requestHasBody (responseHasBody is already handling connect). Let me know if there were other areas of the code you can think of that may need this (new to the project 😊) |
||
|
||
outputStream.write(host.getBytes(StandardCharsets.US_ASCII)); | ||
if (port != -1) { | ||
outputStream.write(':'); | ||
outputStream.write(Integer.toString(port).getBytes(StandardCharsets.US_ASCII)); | ||
} | ||
} else { | ||
outputStream.write(path.getBytes(StandardCharsets.US_ASCII)); | ||
} | ||
String query = uri.getRawQuery(); | ||
if (query != null && !query.isEmpty()) { | ||
outputStream.write('?'); | ||
outputStream.write(query.getBytes(StandardCharsets.US_ASCII)); | ||
String path = uri.getRawPath(); | ||
if (path == null || path.isEmpty()) { | ||
outputStream.write('/'); | ||
} else { | ||
outputStream.write(path.getBytes(StandardCharsets.US_ASCII)); | ||
} | ||
String query = uri.getRawQuery(); | ||
if (query != null && !query.isEmpty()) { | ||
outputStream.write('?'); | ||
outputStream.write(query.getBytes(StandardCharsets.US_ASCII)); | ||
} | ||
} | ||
|
||
outputStream.write(' '); | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think the easier way to do this logic would be to already check the options here, like this:
There's no need to enter this branch in any other case. Also notice the code below is checking the wrong option.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Jeez, good catch, starts with allowIllegal and they all looked the same 🙈
Ok so the thinking is if allowIllegalConnectAuthority is set, the logic will fall back into the original implementation.