Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8347904

Add BodyHandlers / BodySubscribers methods to handle excessive server input

XMLWordPrintable

    • Icon: CSR CSR
    • Resolution: Approved
    • Icon: P4 P4
    • 25
    • core-libs
    • None
    • source, binary
    • minimal
    • A new static factory method is added to `HttpResponse.Body{Handlers,Subscribers}` interfaces. No compatibility risks are expected.
    • Java API
    • SE

      Summary

      Add public static BodyHandlers.limiting(BodyHandler, long) and BodySubsribers.limiting(BodySubscriber, long) factory methods to the HttpClient API. limiting() extends an existing BodyHandler / BodySubscriber with the ability to limit the number of body bytes that will be accepted. This helps with handling of excessive server input that a caller is not prepared to accept.

      Problem

      There are no convenient utilities in HttpClient to handle excessive server input, which defaults are prone to.

      Solution

      Added the limiting() factory method to HttpResponse.Body{Handlers,Subscribers} to limit the number of body bytes that are delivered to the given downstream handler or subscriber. limiting() can be used in combination with handlers/subscribers provided by the standard library, and also custom user-provided ones.

      Another considered alternative was to add new maxByteCount-accepting variants of the existing factory methods. Compared to this, limiting() provides better composability and keeps the API impact at minimum.

      Specification

      Introduced below API changes to java.net.http.HttpResponse:

             public interface BodyHandlers {

+        /**
+         * {@return a {@code BodyHandler} that limits the number of body bytes
+         * that are delivered to the given downstream {@code downstreamHandler}}
+         * <p>
+         * If the number of body bytes received exceeds the given
+         * {@code capacity}, {@link BodySubscriber#onError(Throwable) onError}
+         * is called on the downstream {@code BodySubscriber} with an
+         * {@link IOException} indicating that the capacity is exceeded, and
+         * the upstream subscription is cancelled.
+         *
+         * @param downstreamHandler the downstream handler to pass received data to
+         * @param capacity the maximum number of bytes that are allowed
+         * @throws IllegalArgumentException if {@code capacity} is negative
+         * @since 25
+         */
+        public static <T> BodyHandler<T> limiting(BodyHandler<T> downstreamHandler, long capacity) {

       public interface BodySubscribers {

+        /**
+         * {@return a {@code BodySubscriber} that limits the number of body
+         * bytes that are delivered to the given {@code downstreamSubscriber}}
+         * <p>
+         * If the number of body bytes received exceeds the given
+         * {@code capacity}, {@link BodySubscriber#onError(Throwable) onError}
+         * is called on the downstream {@code BodySubscriber} with an
+         * {@link IOException} indicating that the capacity is exceeded, and
+         * the upstream subscription is cancelled.
+         *
+         * @param downstreamSubscriber the downstream subscriber to pass received data to
+         * @param capacity the maximum number of bytes that are allowed
+         * @throws IllegalArgumentException if {@code capacity} is negative
+         * @since 25
+         */
+        public static <T> BodySubscriber<T> limiting(BodySubscriber<T> downstreamSubscriber, long capacity) {

            vyazici Volkan Yazici
            dfuchs Daniel Fuchs
            Daniel Fuchs
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated:
              Resolved: