Fail with correct status code on invalid method

author: Bjørn Christian Seime <bjorncs@verizonmedia.com> 2022-02-09 15:31:00 +0100
committer: Bjørn Christian Seime <bjorncs@verizonmedia.com> 2022-02-09 15:31:14 +0100
commit: 9236c2a5e173911dad77d96b4fa3fb93c070bc24 (patch)
tree: 539d14d7f5e4eaa2751a0d2c28edf84a51da2bac /container-core
parent: 38620108085ba82cd7c43fbabb02aee848e5ff26 (diff)
1 files changed, 11 insertions, 1 deletions
diff --git a/container-core/src/main/java/com/yahoo/jdisc/http/server/jetty/HttpRequestFactory.java b/container-core/src/main/java/com/yahoo/jdisc/http/server/jetty/HttpRequestFactory.java
index c54fa1cf1b9..8edc2eb84d0 100644
--- a/container-core/src/main/java/com/yahoo/jdisc/http/server/jetty/HttpRequestFactory.java
+++ b/container-core/src/main/java/com/yahoo/jdisc/http/server/jetty/HttpRequestFactory.java
@@ -13,6 +13,7 @@ import java.security.cert.X509Certificate;
 import java.util.Enumeration;
 
 import static com.yahoo.jdisc.Response.Status.BAD_REQUEST;
+import static com.yahoo.jdisc.Response.Status.METHOD_NOT_ALLOWED;
 import static com.yahoo.jdisc.http.server.jetty.RequestUtils.getConnection;
 import static com.yahoo.jdisc.http.server.jetty.RequestUtils.getConnectorLocalPort;
 
@@ -27,7 +28,7 @@ class HttpRequestFactory {
             HttpRequest httpRequest = HttpRequest.newServerRequest(
                     container,
                     getUri(servletRequest),
-                    HttpRequest.Method.valueOf(servletRequest.getMethod()),
+                    getMethod(servletRequest),
                     HttpRequest.Version.fromString(servletRequest.getProtocol()),
                     new InetSocketAddress(servletRequest.getRemoteAddr(), servletRequest.getRemotePort()),
                     getConnection((Request) servletRequest).getCreatedTimeStamp());
@@ -39,6 +40,15 @@ class HttpRequestFactory {
         }
     }
 
+    private static HttpRequest.Method getMethod(HttpServletRequest servletRequest) {
+        String method = servletRequest.getMethod();
+        try {
+            return HttpRequest.Method.valueOf(method);
+        } catch (IllegalArgumentException e) {
+            throw new RequestException(METHOD_NOT_ALLOWED, "Invalid method '" + method + "'");
+        }
+    }
+
     // Implementation based on org.eclipse.jetty.server.Request.getRequestURL(), but with the connector's local port instead
     public static URI getUri(HttpServletRequest servletRequest) {
         try {
author	Bjørn Christian Seime <bjorncs@verizonmedia.com>	2022-02-09 15:31:00 +0100
committer	Bjørn Christian Seime <bjorncs@verizonmedia.com>	2022-02-09 15:31:14 +0100
commit	9236c2a5e173911dad77d96b4fa3fb93c070bc24 (patch)
tree	539d14d7f5e4eaa2751a0d2c28edf84a51da2bac /container-core
parent	38620108085ba82cd7c43fbabb02aee848e5ff26 (diff)