Luis Neves wrote:
I find those "-" and "~" very weird, I doubt that the clients are
sending those headers.
My bad. As it turns out the clients are really sending that garbage.
The main problem seems to be that the decoder gets confused when clients send
Headers without values, e.g:
*******************************************
GET /somepath HTTP/1.1
Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0
Host: foo.bar.com
Referer:
Connection: Keep-Alive
*******************************************
Notice the empty referer header.
I worked around my problem by putting a limit in the size of every Collection
that holds HTTP Headers and also an upper/lower limit in the
length of every Header Name/Value.
I still don't know how to properly fixed the decoder but for now this inelegant
fix will do.
As an aside I also tried the Grizzly http server as stopgap measure and although
there are no OOM errors with misbehaved requests it completely freezes and stops
serving requests... but that might just be because of my unfamiliarity with the
creature.
--
Luis Neves
