On Tue, 18 Nov 2025 15:45:20 GMT, Volkan Yazici <[email protected]> wrote:
>> src/jdk.httpserver/share/classes/com/sun/net/httpserver/Headers.java line
>> 157:
>>
>>> 155: throw new IllegalArgumentException("illegal character
>>> in key at index " + i);
>>> 156: }
>>> 157: cs[0] = (char) (c - o);
>>
>> There's an assumption here that because of the test at line 135 then `c`
>> must be a lower case letter. But, it could in principle be any `tchar`
>> (token character) which includes digits and vchars other than lower case
>> letters. We should check `if (c >= 'a' && c <= 'z')`
>
> @Michael-Mc-Mahon, very good (embarrassing :facepalm:) catch!
>
> @dfuch, I guess `httpserver/HeadersTest.java` needs a serious overhaul
> against these kind of normalization edge cases. I will try tackling this
> tomorrow (CET). @SentryMan, let me know if you prefer picking this up
> yourself.
The other issue you found at line 135 raises the question to _how_ strings that
don't start with a letter are normalized? (A) Do we only ever put the first
character as uppercase (if it's a letter)? Or (B) do we always put the first
letter in a string in uppercase, wherever it appears in the string?
Looks like the current behavior is (A) and we should stick with that, from the
point of view of new tests. So, `2xyz` would be normalized as `2xyz`, but
`xyz2` would be normalized as `Xyz2`. Does that make sense?
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/27276#discussion_r2541344708
