Index: sdk/lib/io/http_headers.dart |
diff --git a/sdk/lib/io/http_headers.dart b/sdk/lib/io/http_headers.dart |
index 5e94813f8a44f7d4857cec592341f135dbcf5a89..f621fff07fa1fc8e4246393737fc110480e49b4d 100644 |
--- a/sdk/lib/io/http_headers.dart |
+++ b/sdk/lib/io/http_headers.dart |
@@ -42,27 +42,31 @@ class _HttpHeaders implements HttpHeaders { |
void add(String name, value) { |
_checkMutable(); |
- _addAll(name.toLowerCase(), value); |
+ _addAll(_validateField(name), value); |
} |
void _addAll(String name, value) { |
- if (value is List) { |
- value.forEach((v) => _add(name, v)); |
+ assert(name == _validateField(name)); |
+ if (value is Iterable) { |
+ for (var v in value) { |
+ _add(name, _validateValue(v)); |
+ } |
} else { |
- _add(name, value); |
+ _add(name, _validateValue(value)); |
} |
} |
void set(String name, Object value) { |
_checkMutable(); |
- name = name.toLowerCase(); |
+ name = _validateField(name); |
_headers.remove(name); |
_addAll(name, value); |
} |
void remove(String name, Object value) { |
_checkMutable(); |
- name = name.toLowerCase(); |
+ name = _validateField(name); |
+ value = _validateValue(value); |
List<String> values = _headers[name]; |
if (values != null) { |
int index = values.indexOf(value); |
@@ -75,7 +79,7 @@ class _HttpHeaders implements HttpHeaders { |
void removeAll(String name) { |
_checkMutable(); |
- name = name.toLowerCase(); |
+ name = _validateField(name); |
_headers.remove(name); |
} |
@@ -250,7 +254,7 @@ class _HttpHeaders implements HttpHeaders { |
// [name] must be a lower-case version of the name. |
void _add(String name, value) { |
- assert(name == name.toLowerCase()); |
+ assert(name == _validateField(name)); |
// Use the length as index on what method to call. This is notable |
// faster than computing hash and looking up in a hash-map. |
switch (name.length) { |
@@ -399,13 +403,15 @@ class _HttpHeaders implements HttpHeaders { |
} |
if (value is DateTime) { |
values.add(HttpDate.format(value)); |
+ } else if (value is String) { |
+ values.add(value); |
} else { |
- values.add(value.toString()); |
+ values.add(_validateValue(value.toString())); |
} |
} |
void _set(String name, String value) { |
- assert(name == name.toLowerCase()); |
+ assert(name == _validateField(name)); |
List<String> values = new List<String>(); |
_headers[name] = values; |
values.add(value); |
@@ -562,6 +568,27 @@ class _HttpHeaders implements HttpHeaders { |
} |
return cookies; |
} |
+ |
+ static String _validateField(String field) { |
+ for (var i = 0; i < field.length; i++) { |
+ if (!_HttpParser._isTokenChar(field.codeUnitAt(i))) { |
+ throw new FormatException( |
+ "Invalid HTTP header field name: ${JSON.encode(field)}"); |
+ } |
+ } |
+ return field.toLowerCase(); |
+ } |
+ |
+ static _validateValue(value) { |
+ if (value is! String) return value; |
+ for (var i = 0; i < value.length; i++) { |
+ if (!_HttpParser._isValueChar(value.codeUnitAt(i))) { |
+ throw new FormatException( |
+ "Invalid HTTP header field value: ${JSON.encode(value)}"); |
+ } |
+ } |
+ return value; |
+ } |
} |