New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
WebSocketClientHandshaker java.lang.NullPointerException #12933
Comments
Missing: header-> origin |
Please explain in more detail. |
When the websocketclient connection request header is missing the origin, a null pointer problem will occur |
@amizurov What's your take? Do we need validation to check for the origin header somewhere? |
Now he throws a null pointer. I think we can give some warning logs |
Hi @heixiaoma , @chrisvest. Let me take a look. |
@heixiaoma Could you please clarify, did you set |
yes |
So the main problem here, that if we pass the I created the PR which should fix the |
…est (#12941) Motivation: We have the old erroneous behavior of generating the `Origin| Sec-WebSocket-Origin` for client websocket handshake request (#9673). In Netty5 this fixed and auto-generation has been deleted at all, only if the client passed the `Origin` header via custom headers. The same we can do for Netty4 but it could potentially break some clients (unlikely), or introduce an additional parameter to disable or enable this behavior. Modification: Introduce new `generateOriginHeader` parameter in client config and generate the `Origin|Sec-WebSocket-Origin` header value only if it enabled. Add additional check for webSocketURI if it contains host or passed through `customHeaders` to prevent NPE in `newHandshakeRequest()`. Result: Fixes #9673 #12933 Co-authored-by: Norman Maurer <norman_maurer@apple.com>
…est (#12941) Motivation: We have the old erroneous behavior of generating the `Origin| Sec-WebSocket-Origin` for client websocket handshake request (#9673). In Netty5 this fixed and auto-generation has been deleted at all, only if the client passed the `Origin` header via custom headers. The same we can do for Netty4 but it could potentially break some clients (unlikely), or introduce an additional parameter to disable or enable this behavior. Modification: Introduce new `generateOriginHeader` parameter in client config and generate the `Origin|Sec-WebSocket-Origin` header value only if it enabled. Add additional check for webSocketURI if it contains host or passed through `customHeaders` to prevent NPE in `newHandshakeRequest()`. Result: Fixes #9673 #12933 Co-authored-by: Norman Maurer <norman_maurer@apple.com>
I think this was fixed by #12941 |
WebSocketClientHandshaker
The text was updated successfully, but these errors were encountered: