RFR: 8303965: java.net.http.HttpClient should reset the stream if response headers contain malformed header fields [v2]

[Jaikiran Pai]

On Fri, 10 Mar 2023 14:27:21 GMT, Daniel Fuchs <dfuchs at openjdk.org> wrote:

>> According to RFC 7540:
>> 
>> Endpoints MUST treat a request or response that contains undefined or invalid pseudo-header fields as malformed (Section 8.1.2.6).
>> 
>> Section-8.1.2.6:
>> Malformed requests or responses that are detected MUST be treated as a stream error (Section 5.4.2) of type PROTOCOL_ERROR.
>> 
>> The current behavior is to close the connection with protocol error. This change makes it reset the stream instead.
>
> Daniel Fuchs has updated the pull request with a new target base due to a merge or a rebase. The incremental webrev excludes the unrelated changes brought in by the merge/rebase. The pull request contains three additional commits since the last revision:
> 
>  - add bug id to test
>  - Merge branch 'master' into MalformedResponse-8303965
>  - 8303965

The change looks good to me. I just have a question about the RFC numbers in the comment, which I have asked inline.

src/java.net.http/share/classes/jdk/internal/net/http/Http2Connection.java line 1220:

> 1218:      */
> 1219:     @SuppressWarnings("unchecked")
> 1220:     <T> Stream<T> getInitialStream() {

Given that this method returns and also updates the initial stream member field, the naming of this method is a bit odd. But I can't think of a better name, plus this is internal to the `jdk.internal.net.http` package and also has a comment which explains what it does, so I think this name is fine.

src/java.net.http/share/classes/jdk/internal/net/http/common/ValidatingHeadersConsumer.java line 32:

> 30: 
> 31: /*
> 32:  * Checks RFC 7540 rules (relaxed) compliance regarding pseudo-headers.

Same here, should we use new RFC number?

-------------

Marked as reviewed by jpai (Reviewer).

PR: https://git.openjdk.org/jdk/pull/12976