Http2Client doesn't allow setting Host header (or others restricted by default) #2975
Description
New Java HttpClient by default disalows setting some restricted headers - this can be disabled by using a system property jdk.httpclient.allowRestrictedHeaders with a lowercased header list.
I added such system property -Djdk.httpclient.allowRestrictedHeaders=host, but feign (logging that it sends my Host headere, still sends request with a different one (taken from the url, in my case it is localhost:1234).
When looking at the code of Http2Client I see Feign also keeps a list of disaloved headers that mimick the ones in jdk client - in that case it should also mimick the reading of jdk.httpclient.allowRestrictedHeaders and allow setting those that are on the list.
Relevant code from JDK:
private static final Set<String> DISALLOWED_HEADERS_SET = getDisallowedHeaders();
private static Set<String> getDisallowedHeaders() {
Set<String> headers = new TreeSet<>(String.CASE_INSENSITIVE_ORDER);
headers.addAll(Set.of("connection", "content-length", "expect", "host", "upgrade"));
String v = getNetProperty("jdk.httpclient.allowRestrictedHeaders");
if (v != null) {
// any headers found are removed from set.
String[] tokens = v.trim().split(",");
for (String token : tokens) {
headers.remove(token);
}
return Collections.unmodifiableSet(headers);
} else {
return Collections.unmodifiableSet(headers);
}
}
(Implemented in https://bugs.openjdk.org/browse/JDK-8213189 - it was backported to JDK 11)