@UnstableApi public final class HttpHeaderValidationUtil extends java.lang.Object
限定符和类型 | 方法和说明 |
---|---|
static boolean |
isConnectionHeader(java.lang.CharSequence name,
boolean ignoreTeHeader)
Check if a header name is "connection related".
|
static boolean |
isTeNotTrailers(java.lang.CharSequence name,
java.lang.CharSequence value)
If the given header is
HttpHeaderNames.TE and the given header value is not
HttpHeaderValues.TRAILERS , then return true . |
static int |
validateToken(java.lang.CharSequence token)
Validate a token contains only allowed
characters.
|
static int |
validateValidHeaderValue(java.lang.CharSequence value)
Validate the given HTTP header value by searching for any illegal characters.
|
public static boolean isConnectionHeader(java.lang.CharSequence name, boolean ignoreTeHeader)
The RFC9110 only specify an incomplete list of the following headers:
name
- the name of the header to check. The check is case-insensitive.ignoreTeHeader
- true
if the TE header should be ignored by this check.
This is relevant for HTTP/2 header validation, where the TE header has special rules.true
if the given header name is one of the specified connection-related headers.public static boolean isTeNotTrailers(java.lang.CharSequence name, java.lang.CharSequence value)
HttpHeaderNames.TE
and the given header value is not
HttpHeaderValues.TRAILERS
, then return true
. Otherwie, false
.
The string comparisons are case-insensitive.
This check is important for HTTP/2 header validation.
name
- the header name to check if it is TE or not.value
- the header value to check if it is something other than TRAILERS.true
only if the header name is TE, and the header value is not
TRAILERS. Otherwise, false
.public static int validateValidHeaderValue(java.lang.CharSequence value)
value
- the HTTP header value to validate.-1
if there are none and the header value is
valid.public static int validateToken(java.lang.CharSequence token)
The token format is used for variety of HTTP components, like cookie-name, field-name of a header-field, or request method.
token
- the token to validate.-1
if there are none.