On Mon, 15 Dec 2025 17:52:56 GMT, Daniel Fuchs <[email protected]> wrote:
>> The first byte of a SSL ClientHello handshake record is 0x16 (22).
>> If the first byte received on a HTTP/1.1 clear connection is 0x16, the HTTP
>> server could fail fast, return 400 bad request and immediately close the
>> connection.
>>
>> This changeset extends the fail fast behaviour for other ineligible bytes,
>> such as any byte corresponding to ASCII characters <= 31.
>
> Daniel Fuchs has updated the pull request incrementally with one additional
> commit since the last revision:
>
> minor test fix - unused import + obsolete comment
src/jdk.httpserver/share/classes/sun/net/httpserver/Request.java line 50:
> 48: private OutputStream os;
> 49: private final int maxReqHeaderSize;
> 50: private final boolean firstClearRequest;
Suggestion:
private final boolean firstClearRequest;
test/jdk/com/sun/net/httpserver/ClearTextServerSSL.java line 84:
> 82: var sslContext = new SimpleSSLContext().get();
> 83: var handler = new TestHandler();
> 84: var server = HttpServer.create(new
> InetSocketAddress(LOOPBACK_ADDR,0), 0);
Suggestion:
var server = HttpServer.create(new InetSocketAddress(LOOPBACK_ADDR, 0),
0);
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/28827#discussion_r2626525051
PR Review Comment: https://git.openjdk.org/jdk/pull/28827#discussion_r2626525677
