diff options
3 files changed, 14 insertions, 3 deletions
diff --git a/okhttp-tests/src/test/java/com/squareup/okhttp/RequestTest.java b/okhttp-tests/src/test/java/com/squareup/okhttp/RequestTest.java index 47c6010..3b31cc8 100644 --- a/okhttp-tests/src/test/java/com/squareup/okhttp/RequestTest.java +++ b/okhttp-tests/src/test/java/com/squareup/okhttp/RequestTest.java @@ -174,6 +174,16 @@ public final class RequestTest { } } + @Test public void headerAllowsTabOnlyInValues() throws Exception { + Request.Builder builder = new Request.Builder(); + builder.header("key", "sample\tvalue"); + try { + builder.header("sample\tkey", "value"); + fail(); + } catch (IllegalArgumentException expected) { + } + } + @Test public void headerForbidsControlCharacters() throws Exception { assertForbiddenHeader(null); assertForbiddenHeader("\u0000"); @@ -185,7 +195,6 @@ public final class RequestTest { assertForbiddenHeader("a\rb"); assertForbiddenHeader("\rb"); // End of Android modification. - assertForbiddenHeader("\t"); assertForbiddenHeader("\u001f"); assertForbiddenHeader("\u007f"); diff --git a/okhttp-tests/src/test/java/com/squareup/okhttp/internal/http/HeadersTest.java b/okhttp-tests/src/test/java/com/squareup/okhttp/internal/http/HeadersTest.java index 1f5ad6d..e4938c1 100644 --- a/okhttp-tests/src/test/java/com/squareup/okhttp/internal/http/HeadersTest.java +++ b/okhttp-tests/src/test/java/com/squareup/okhttp/internal/http/HeadersTest.java @@ -155,10 +155,12 @@ public final class HeadersTest { .add("foo: bar") .add(" foo: baz") // Name leading whitespace is trimmed. .add("foo : bak") // Name trailing whitespace is trimmed. + .add("\tkey\t:\tvalue\t") // '\t' also counts as whitespace .add("ping: pong ") // Value whitespace is trimmed. .add("kit:kat") // Space after colon is not required. .build(); assertEquals(Arrays.asList("bar", "baz", "bak"), headers.values("foo")); + assertEquals(Arrays.asList("value"), headers.values("key")); assertEquals(Arrays.asList("pong"), headers.values("ping")); assertEquals(Arrays.asList("kat"), headers.values("kit")); } diff --git a/okhttp/src/main/java/com/squareup/okhttp/Headers.java b/okhttp/src/main/java/com/squareup/okhttp/Headers.java index d5b4cef..9e92555 100644 --- a/okhttp/src/main/java/com/squareup/okhttp/Headers.java +++ b/okhttp/src/main/java/com/squareup/okhttp/Headers.java @@ -307,8 +307,8 @@ public final class Headers { // ANDROID-BEGIN // http://b/28867041 - keep things working for apps that rely on Android's (out of spec) // UTF-8 header encoding behavior. - // if (c <= '\u001f' || c >= '\u007f') { - if (c <= '\u001f' || c == '\u007f') { + // if ((c <= '\u001f' && c != '\u0009' /* htab */) || c >= '\u007f') { + if ((c <= '\u001f' && c != '\u0009' /* htab */) || c == '\u007f') { // ANDROID-END throw new IllegalArgumentException(String.format( "Unexpected char %#04x at %d in header value: %s", (int) c, i, value)); |