Enum HttpCompliance.Violation

java.lang.Object
java.lang.Enum<HttpCompliance.Violation>
org.eclipse.jetty.http.HttpCompliance.Violation
All Implemented Interfaces:
Serializable, Comparable<HttpCompliance.Violation>, java.lang.constant.Constable, ComplianceViolation
Enclosing class:
HttpCompliance

public static enum HttpCompliance.Violation extends Enum<HttpCompliance.Violation> implements ComplianceViolation
  • Enum Constant Details

    • CASE_SENSITIVE_FIELD_NAME

      public static final HttpCompliance.Violation CASE_SENSITIVE_FIELD_NAME
      The HTTP RFC(s) require that field names are case-insensitive, so for example the fields "Content-Type: text/xml" and "content-type: text/xml" are considered equivalent. Jetty has been optimized to take advantage of this by looking up field names in a case insensitive cache and will by default provide the standard capitalisation of a field name rather than create a new string with the actual capitalisation received. However, some applications have been written to expect a specific capitalisation of field, so deployments of such applications must include this violation in their HttpCompliance mode to prevent Jetty altering the case of the fields received. Jetty itself will still match and handle fields names insensitively and this violation only affects how the names are reported to the application. There is a small performance and garbage impact of using this mode.
    • CASE_INSENSITIVE_METHOD

      public static final HttpCompliance.Violation CASE_INSENSITIVE_METHOD
      The HTTP RFC(s) require that method names are case sensitive, so that "Get" and "GET" are considered different methods. Jetty releases prior to 9.4 used a case insensitive cache to match method names, thus this requirement was violated. Deployments which wish to retain this legacy violation can include this violation in the HttpCompliance mode.
    • HTTP_0_9

      public static final HttpCompliance.Violation HTTP_0_9
      Since RFC 7230, the expectation that HTTP/0.9 is supported has been removed from the specification. If a deployment wished to accept HTTP/0.9 requests, then it can include this violation in it's HttpCompliance mode.
    • MULTILINE_FIELD_VALUE

      public static final HttpCompliance.Violation MULTILINE_FIELD_VALUE
      Since RFC 7230, the HTTP protocol no longer supports line folding, which allows a field value to be provided over several lines. Deployments that wish to receive folder field values may include this violation in their HttpCompliance mode.
    • MULTIPLE_CONTENT_LENGTHS

      public static final HttpCompliance.Violation MULTIPLE_CONTENT_LENGTHS
      Since RFC 7230, the HTTP protocol has required that a request is invalid if it contains multiple Content-Length fields or values. The request may be treated as invalid even if the multiple values are the same. A deployment may include this violation to allow multiple Content-Length values to be received, but only if they are identical.
    • TRANSFER_ENCODING_WITH_CONTENT_LENGTH

      public static final HttpCompliance.Violation TRANSFER_ENCODING_WITH_CONTENT_LENGTH
      Since RFC 7230, the HTTP protocol has required that a request is invalid if it contains both a Transfer-Encoding field and Content-Length field. A deployment may include this violation to allow both fields to be in a received request.
    • WHITESPACE_AFTER_FIELD_NAME

      public static final HttpCompliance.Violation WHITESPACE_AFTER_FIELD_NAME
      Since RFC 7230, the HTTP protocol has required that a request header field has no white space after the field name and before the ':'. A deployment may include this violation to allow such fields to be in a received request.
    • NO_COLON_AFTER_FIELD_NAME

      public static final HttpCompliance.Violation NO_COLON_AFTER_FIELD_NAME
      Prior to RFC 7230, the HTTP protocol allowed a header line of a single token with neither a colon nor value following, to be interpreted as a field name with no value. A deployment may include this violation to allow such fields to be in a received request.
    • DUPLICATE_HOST_HEADERS

      public static final HttpCompliance.Violation DUPLICATE_HOST_HEADERS
      Since RFC 7230: Section 5.4, the HTTP protocol says that a Server must reject a request duplicate host headers. A deployment may include this violation to allow duplicate host headers on a received request.
    • UNSAFE_HOST_HEADER

      public static final HttpCompliance.Violation UNSAFE_HOST_HEADER
      Since RFC 7230, the HTTP protocol should reject a request if the Host headers contains an invalid / unsafe authority. A deployment may include this violation to allow unsafe host headesr on a received request.
    • MISMATCHED_AUTHORITY

      public static final HttpCompliance.Violation MISMATCHED_AUTHORITY
      Since RFC 7230: Section 5.4, the HTTP protocol must reject a request if the target URI has an authority that is different than a provided Host header. A deployment may include this violation to allow different values on the target URI and the Host header on a received request.
  • Method Details

    • values

      public static HttpCompliance.Violation[] values()
      Returns an array containing the constants of this enum type, in the order they are declared.
      Returns:
      an array containing the constants of this enum type, in the order they are declared
    • valueOf

      public static HttpCompliance.Violation valueOf(String name)
      Returns the enum constant of this type with the specified name. The string must match exactly an identifier used to declare an enum constant in this type. (Extraneous whitespace characters are not permitted.)
      Parameters:
      name - the name of the enum constant to be returned.
      Returns:
      the enum constant with the specified name
      Throws:
      IllegalArgumentException - if this enum type has no constant with the specified name
      NullPointerException - if the argument is null
    • getName

      public String getName()
      Specified by:
      getName in interface ComplianceViolation
      Returns:
      The name of the violation.
    • getURL

      public String getURL()
      Specified by:
      getURL in interface ComplianceViolation
      Returns:
      A URL to the specification that provides more information regarding the requirement that may be violated.
    • getDescription

      public String getDescription()
      Specified by:
      getDescription in interface ComplianceViolation
      Returns:
      A short description of the violation.