diff options
author | Bjørn Christian Seime <bjorncs@verizonmedia.com> | 2022-02-09 15:31:00 +0100 |
---|---|---|
committer | Bjørn Christian Seime <bjorncs@verizonmedia.com> | 2022-02-09 15:31:14 +0100 |
commit | 9236c2a5e173911dad77d96b4fa3fb93c070bc24 (patch) | |
tree | 539d14d7f5e4eaa2751a0d2c28edf84a51da2bac /container-core | |
parent | 38620108085ba82cd7c43fbabb02aee848e5ff26 (diff) |
Fail with correct status code on invalid method
Diffstat (limited to 'container-core')
-rw-r--r-- | container-core/src/main/java/com/yahoo/jdisc/http/server/jetty/HttpRequestFactory.java | 12 |
1 files changed, 11 insertions, 1 deletions
diff --git a/container-core/src/main/java/com/yahoo/jdisc/http/server/jetty/HttpRequestFactory.java b/container-core/src/main/java/com/yahoo/jdisc/http/server/jetty/HttpRequestFactory.java index c54fa1cf1b9..8edc2eb84d0 100644 --- a/container-core/src/main/java/com/yahoo/jdisc/http/server/jetty/HttpRequestFactory.java +++ b/container-core/src/main/java/com/yahoo/jdisc/http/server/jetty/HttpRequestFactory.java @@ -13,6 +13,7 @@ import java.security.cert.X509Certificate; import java.util.Enumeration; import static com.yahoo.jdisc.Response.Status.BAD_REQUEST; +import static com.yahoo.jdisc.Response.Status.METHOD_NOT_ALLOWED; import static com.yahoo.jdisc.http.server.jetty.RequestUtils.getConnection; import static com.yahoo.jdisc.http.server.jetty.RequestUtils.getConnectorLocalPort; @@ -27,7 +28,7 @@ class HttpRequestFactory { HttpRequest httpRequest = HttpRequest.newServerRequest( container, getUri(servletRequest), - HttpRequest.Method.valueOf(servletRequest.getMethod()), + getMethod(servletRequest), HttpRequest.Version.fromString(servletRequest.getProtocol()), new InetSocketAddress(servletRequest.getRemoteAddr(), servletRequest.getRemotePort()), getConnection((Request) servletRequest).getCreatedTimeStamp()); @@ -39,6 +40,15 @@ class HttpRequestFactory { } } + private static HttpRequest.Method getMethod(HttpServletRequest servletRequest) { + String method = servletRequest.getMethod(); + try { + return HttpRequest.Method.valueOf(method); + } catch (IllegalArgumentException e) { + throw new RequestException(METHOD_NOT_ALLOWED, "Invalid method '" + method + "'"); + } + } + // Implementation based on org.eclipse.jetty.server.Request.getRequestURL(), but with the connector's local port instead public static URI getUri(HttpServletRequest servletRequest) { try { |