New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Allows JdkClientHttpRequest.DISALLOWED_HEADERS to be customized. #30788
Allows JdkClientHttpRequest.DISALLOWED_HEADERS to be customized. #30788
Conversation
It does this by reading the System property `jdk.httpclient.allowRestrictedHeaders` and removing those set from the default list. Fixes spring-projectsgh-30787
TreeSet<String> headers = new TreeSet<>(String.CASE_INSENSITIVE_ORDER); | ||
headers.addAll(Set.of("connection", "content-length", "expect", "host", "upgrade")); | ||
|
||
String headersToAllow = System.getProperty("jdk.httpclient.allowRestrictedHeaders"); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Maybe there is a setter somewhere and we set the property rather than trying to read it?
@@ -48,8 +51,19 @@ class JdkClientHttpRequest extends AbstractStreamingClientHttpRequest { | |||
* The JDK HttpRequest doesn't allow all headers to be set. The named headers are taken from the default | |||
* implementation for HttpRequest. | |||
*/ | |||
private static final List<String> DISALLOWED_HEADERS = | |||
List.of("connection", "content-length", "expect", "host", "upgrade"); | |||
protected static final Set<String> DISALLOWED_HEADERS = getDisallowedHeaders(); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
protected
was changed to test without much setup.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
AbstractMockWebServerTests
dispatch for /echo
checks that Host
is localhost:port
, so unsure how to test otherwise.
* gh-30788: Polishing external contribution Allow customization of disallowed JdkClientHttpRequest headers
It does this by reading the System property
jdk.httpclient.allowRestrictedHeaders
and removing those set from the default list.Fixes gh-30787