Skip to content

Do not reject UNKNOWN HttpMethod #6172

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
AlexProgrammerDE wants to merge 6 commits into
base: main
Choose a base branch
from
Open

Do not reject UNKNOWN HttpMethod #6172

AlexProgrammerDE wants to merge 6 commits into from
+86 −11

Conversation

@AlexProgrammerDE
Copy link

@AlexProgrammerDE AlexProgrammerDE commented Mar 24, 2025

Motivation:

Adds unknown HTTP Methods from other RFCs.
I need this feature because WebDav extends the list of HTTP Method names and Http1RequestDecoder rejects unknown method names.
More information in the Discord: https://canary.discord.com/channels/1087271586832318494/1087272728177942629/1351931184451686420

Modifications:

  • Stopped rejecting UNKNOWN HTTP Methods
  • Use the METHOD header as the method passed to Tomcat.

Result:

  • Users will now be able to use more HTTP Methods for even more use-cases like WebDav.

@AlexProgrammerDE
Do not reject UNKNOWN HttpMethod
36eb775 
Also makes Tomcat use the METHOD header.
Jetty already uses the METHOD header.
@github-actions
Copy link
Contributor

github-actions bot commented Mar 24, 2025
edited
Loading

🔍 Build Scan® (commit: 59b48a1)

Job name Status Build Scan®
build-ubicloud-standard-16-jdk-8 ❌ (failure) https://ge.armeria.dev/s/7dgygzybpyrea
build-ubicloud-standard-16-jdk-21-snapshot-blockhound ❌ (failure) https://ge.armeria.dev/s/zhwnkg5lpsids
build-ubicloud-standard-16-jdk-17-min-java-17-coverage ❌ (failure) https://ge.armeria.dev/s/6cknmaavdncgc
build-ubicloud-standard-16-jdk-17-min-java-11 ❌ (failure) https://ge.armeria.dev/s/xogaq32pjrtty
build-ubicloud-standard-16-jdk-17-leak ❌ (failure) https://ge.armeria.dev/s/hzq6uphwtewvy
build-ubicloud-standard-16-jdk-11 ❌ (failure) https://ge.armeria.dev/s/uahqbzsds7y76
build-macos-latest-jdk-21 ❌ (failure) https://ge.armeria.dev/s/tdbjzrqz4w4hs

jrhee17
jrhee17 reviewed Mar 25, 2025
View reviewed changes
Copy link
Contributor

@jrhee17 jrhee17 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Direction looks good.

I'm not sure if you want to handle here as well, but client-side won't be able to send custom HTTP methods. We can keep this as a known issue and proceed with server-side first though

tomcat10/src/main/java/com/linecorp/armeria/server/tomcat/TomcatService.java
// Set the method.
final HttpMethod method = req.method();
coyoteReq.method().setString(method.name());
coyoteReq.method().setString(req.headers().get(HttpHeaderNames.METHOD));
Copy link
Contributor

@jrhee17 jrhee17 Mar 25, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can you also add a integration test which validates the server can successfully process the custom http method?

@jrhee17 jrhee17 added this to the 1.33.0 milestone Mar 25, 2025
jrhee17
jrhee17 reviewed Mar 26, 2025
View reviewed changes
Copy link
Contributor

@jrhee17 jrhee17 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Changes look good to me once the CI is fixed 👍

One more note is the current approach is more of a workaround due to breaking changes - later we may allow registration of custom HttpMethods in a type-safe way when we bump the major version

core/src/main/java/com/linecorp/armeria/server/ServerBuilder.java
*
* @param additionalAllowedHttpMethods the additional allowed HTTP methods
*/
public ServerBuilder additionalAllowedHttpMethods(String... additionalAllowedHttpMethods) {
Copy link
Contributor

@jrhee17 jrhee17 Mar 26, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

optional) for consistency with other APIs, it may be worth adding a additionalAllowedHttpMethods(Iterable<String>) variant

tomcat10/src/main/java/com/linecorp/armeria/server/tomcat/TomcatService.java
// Set the method.
final HttpMethod method = req.method();
coyoteReq.method().setString(method.name());
coyoteReq.method().setString(req.headers().get(HttpHeaderNames.METHOD));
Copy link
Contributor

@jrhee17 jrhee17 Mar 26, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

note: I think it's fine to support just tomcat for now, and add support for jetty later if needed/reported

@trustin trustin mentioned this pull request Mar 26, 2025
Closed
@jrhee17
Copy link
Contributor

jrhee17 commented Apr 16, 2025

Gentle ping. We could also finish this implementation if you are busy @AlexProgrammerDE

@AlexProgrammerDE
Copy link
Author

AlexProgrammerDE commented Apr 16, 2025

Hi, university started for me, so I'm a little more busy than usual. I'd appreciate if the team could finish this.

@github-actions github-actions bot added the Stale label May 17, 2025
@ikhoon ikhoon modified the milestones: 1.33.0, 1.34.0 Aug 1, 2025
@github-actions github-actions bot removed the Stale label Aug 2, 2025
@github-actions github-actions bot added the Stale label Sep 1, 2025
@jrhee17 jrhee17 modified the milestones: 1.34.0, 1.35.0 Nov 24, 2025
@github-actions github-actions bot removed the Stale label Nov 25, 2025
@github-actions github-actions bot added the Stale label Dec 28, 2025
@minwoox minwoox modified the milestones: 1.35.0, 1.36.0 Dec 30, 2025
@github-actions github-actions bot removed the Stale label Dec 31, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jrhee17 jrhee17 jrhee17 left review comments

@ikhoon ikhoon Awaiting requested review from ikhoon ikhoon is a code owner

@minwoox minwoox Awaiting requested review from minwoox minwoox is a code owner

@trustin trustin Awaiting requested review from trustin trustin is a code owner

Assignees

No one assigned

Labels

new feature

Projects

None yet

Milestone

1.36.0

Development

Successfully merging this pull request may close these issues.

4 participants

@AlexProgrammerDE @jrhee17 @ikhoon @minwoox