Throw ISE from Servlet parameter methods

Fixes #13670 as an alternate to #13678
Fully deprecate and replace BadMessageException

Author: gregw

jetty-core/jetty-client/src/test/java/org/eclipse/jetty/client/http/HttpReceiverOverHTTPTest.java

@@ -34,8 +34,8 @@
 import org.eclipse.jetty.client.transport.internal.HttpChannelOverHTTP;
 import org.eclipse.jetty.client.transport.internal.HttpConnectionOverHTTP;
 import org.eclipse.jetty.client.transport.internal.HttpReceiverOverHTTP;
-import org.eclipse.jetty.http.BadMessageException;
 import org.eclipse.jetty.http.HttpCompliance;
+import org.eclipse.jetty.http.HttpException;
 import org.eclipse.jetty.http.HttpFields;
 import org.eclipse.jetty.http.HttpHeader;
 import org.eclipse.jetty.http.HttpVersion;
@@ -226,7 +226,7 @@ public void testReceiveBadResponse(HttpCompliance compliance) throws Exception
 
         ExecutionException e = assertThrows(ExecutionException.class, () -> completable.get(5, TimeUnit.SECONDS));
         assertThat(e.getCause(), instanceOf(HttpResponseException.class));
-        assertThat(e.getCause().getCause(), instanceOf(BadMessageException.class));
+        assertThat(e.getCause().getCause(), instanceOf(HttpException.class));
         assertThat(e.getCause().getCause().getCause(), instanceOf(NumberFormatException.class));
     }
 

jetty-core/jetty-compression/jetty-compression-server/src/main/java/org/eclipse/jetty/compression/server/CompressionHandler.java

@@ -21,7 +21,6 @@
 import org.eclipse.jetty.compression.Compression;
 import org.eclipse.jetty.compression.server.internal.CompressionResponse;
 import org.eclipse.jetty.compression.server.internal.DecompressionRequest;
-import org.eclipse.jetty.http.BadMessageException;
 import org.eclipse.jetty.http.ComplianceViolation;
 import org.eclipse.jetty.http.HttpException;
 import org.eclipse.jetty.http.HttpField;
@@ -280,7 +279,7 @@ protected void onComplianceViolation(ComplianceViolation violation, String value
                                 if (httpConfiguration.getHttpCompliance().allows(violation))
                                     httpConfiguration.notifyViolation(violation, value);
                                 else
-                                    throw new BadMessageException(violation.toString());
+                                    throw new HttpException.IllegalStateException(HttpStatus.BAD_REQUEST_400, violation.toString());
                             }
                         };
                     }

jetty-core/jetty-fcgi/jetty-fcgi-server/src/main/java/org/eclipse/jetty/fcgi/server/internal/ServerFCGIConnection.java

@@ -21,8 +21,9 @@
 import org.eclipse.jetty.fcgi.generator.Flusher;
 import org.eclipse.jetty.fcgi.generator.ServerGenerator;
 import org.eclipse.jetty.fcgi.parser.ServerParser;
-import org.eclipse.jetty.http.BadMessageException;
+import org.eclipse.jetty.http.HttpException;
 import org.eclipse.jetty.http.HttpField;
+import org.eclipse.jetty.http.HttpStatus;
 import org.eclipse.jetty.http.HttpVersion;
 import org.eclipse.jetty.io.ByteBufferPool;
 import org.eclipse.jetty.io.Content;
@@ -401,7 +402,7 @@ public void onFailure(int request, Throwable failure)
             if (LOG.isDebugEnabled())
                 LOG.atDebug().setCause(failure).log("Request {} failure on {}", request, stream);
             if (stream != null)
-                ThreadPool.executeImmediately(getExecutor(), stream.getHttpChannel().onFailure(new BadMessageException(null, failure)));
+                ThreadPool.executeImmediately(getExecutor(), stream.getHttpChannel().onFailure(new HttpException.IllegalStateException(HttpStatus.BAD_REQUEST_400, null, failure)));
             stream = null;
         }
     }

jetty-core/jetty-http/src/main/java/org/eclipse/jetty/http/BadMessageException.java

@@ -15,10 +15,11 @@
 
 /**
  * <p>Exception thrown to indicate a Bad HTTP Message has either been received
- * or attempted to be generated.  Typically, these are handled with either 400
+ * or attempted to be generated.  Typically, these are handled with {@code 4xx} or {@code 5xx}
  * responses.</p>
- * @see HttpException
+ * @deprecated use HttpException
  */
+@Deprecated(since = "12.1.6", forRemoval = true)
 public class BadMessageException extends HttpException.RuntimeException
 {
     public BadMessageException()

jetty-core/jetty-http/src/main/java/org/eclipse/jetty/http/CookieCache.java

@@ -159,7 +159,7 @@ public List<HttpCookie> getCookies(HttpFields headers, ComplianceViolation.Liste
             }
             catch (CookieParser.InvalidCookieException invalidCookieException)
             {
-                throw new BadMessageException(invalidCookieException.getMessage(), invalidCookieException);
+                throw new HttpException.RuntimeException(HttpStatus.BAD_REQUEST_400, invalidCookieException.getMessage(), invalidCookieException);
             }
         }
 

jetty-core/jetty-http/src/main/java/org/eclipse/jetty/http/HostPortHttpField.java

@@ -38,7 +38,7 @@ protected HostPortHttpField(HttpHeader header, String name, String authority)
         }
         catch (Exception e)
         {
-            throw new BadMessageException("Bad HostPort", e);
+            throw new HttpException.RuntimeException(HttpStatus.BAD_REQUEST_400, "Bad HostPort", e);
         }
     }
 

jetty-core/jetty-http/src/main/java/org/eclipse/jetty/http/HttpCompliance.java

@@ -456,6 +456,6 @@ private static void assertAllowed(Violation violation, HttpCompliance mode, Comp
                 mode, violation, violation.getDescription()
             ));
         else
-            throw new BadMessageException(violation.getDescription());
+            throw new HttpException.RuntimeException(HttpStatus.BAD_REQUEST_400, violation.getDescription());
     }
 }

jetty-core/jetty-http/src/main/java/org/eclipse/jetty/http/HttpParser.java

@@ -364,12 +364,12 @@ public void setHeaderCacheCaseSensitive(boolean headerCacheCaseSensitive)
         _fieldCache.setCaseSensitive(headerCacheCaseSensitive);
     }
 
-    protected void checkViolation(Violation violation) throws BadMessageException
+    protected void checkViolation(Violation violation) throws HttpException.RuntimeException
     {
         if (violation.isAllowedBy(_complianceMode))
             reportComplianceViolation(violation, violation.getDescription());
         else
-            throw new BadMessageException(violation.getDescription());
+            throw new HttpException.RuntimeException(HttpStatus.BAD_REQUEST_400, violation.getDescription());
     }
 
     protected void reportComplianceViolation(Violation violation)
@@ -503,7 +503,7 @@ private HttpTokens.Token next(ByteBuffer buffer)
 
             case CR:
                 if (_cr)
-                    throw new BadMessageException("Bad EOL");
+                    throw new HttpException.RuntimeException(HttpStatus.BAD_REQUEST_400, "Bad EOL");
 
                 if (buffer.hasRemaining())
                 {
@@ -514,7 +514,7 @@ private HttpTokens.Token next(ByteBuffer buffer)
                     {
                         case CNTL -> throw new IllegalCharacterException(_state, t, buffer);
                         case LF -> EOL_CRLF;
-                        default -> throw new BadMessageException("Bad EOL");
+                        default -> throw new HttpException.RuntimeException(HttpStatus.BAD_REQUEST_400, "Bad EOL");
                     };
                 }
                 _cr = true;
@@ -529,7 +529,7 @@ private HttpTokens.Token next(ByteBuffer buffer)
             case OTEXT:
             case COLON:
                 if (_cr)
-                    throw new BadMessageException("Bad EOL");
+                    throw new HttpException.RuntimeException(HttpStatus.BAD_REQUEST_400, "Bad EOL");
                 break;
 
             default:
@@ -547,9 +547,9 @@ private void addAndCheckHeadersSize(int delta)
             if (_headerBytes > _maxHeaderBytes)
             {
                 if (_state == State.URI)
-                    throw new BadMessageException(HttpStatus.URI_TOO_LONG_414);
+                    throw new HttpException.RuntimeException(HttpStatus.URI_TOO_LONG_414);
                 if (_requestParser)
-                    throw new BadMessageException(HttpStatus.REQUEST_HEADER_FIELDS_TOO_LARGE_431);
+                    throw new HttpException.RuntimeException(HttpStatus.REQUEST_HEADER_FIELDS_TOO_LARGE_431);
                 throw new HttpException.RuntimeException(_responseStatus, "Response Header Bytes Too Large");
             }
         }
@@ -786,7 +786,7 @@ else if (Violation.CASE_INSENSITIVE_METHOD.isAllowedBy(_complianceMode))
                             break;
 
                         case EOL:
-                            throw new BadMessageException("No URI");
+                            throw new HttpException.RuntimeException(HttpStatus.BAD_REQUEST_400, "No URI");
 
                         case ALPHA:
                         case DIGIT:
@@ -818,7 +818,7 @@ else if (Violation.CASE_INSENSITIVE_METHOD.isAllowedBy(_complianceMode))
                             _string.append(t.getChar());
                             break;
                         case EOL:
-                            throw new BadMessageException("No Status");
+                            throw new HttpException.RuntimeException(HttpStatus.BAD_REQUEST_400, "No Status");
                         default:
                             throw new IllegalCharacterException(_state, t, buffer);
                     }
@@ -838,7 +838,7 @@ else if (Violation.CASE_INSENSITIVE_METHOD.isAllowedBy(_complianceMode))
                             if (!_requestParser)
                             {
                                 if (t.getType() != HttpTokens.Type.DIGIT || t.getByte() == '0')
-                                    throw new BadMessageException("Bad status");
+                                    throw new HttpException.RuntimeException(HttpStatus.BAD_REQUEST_400, "Bad status");
                                 setState(State.STATUS);
                                 setResponseStatus(t.getByte() - '0');
                             }
@@ -873,7 +873,7 @@ else if (Violation.CASE_INSENSITIVE_METHOD.isAllowedBy(_complianceMode))
 
                         default:
                             if (_requestParser)
-                                throw new BadMessageException("No URI");
+                                throw new HttpException.RuntimeException(HttpStatus.BAD_REQUEST_400, "No URI");
                             else
                                 throw new HttpException.RuntimeException(_responseStatus, "No Status");
                     }
@@ -885,14 +885,14 @@ else if (Violation.CASE_INSENSITIVE_METHOD.isAllowedBy(_complianceMode))
                     {
                         case SPACE:
                             if (_responseStatus < 100)
-                                throw new BadMessageException("Bad status");
+                                throw new HttpException.RuntimeException(HttpStatus.BAD_REQUEST_400, "Bad status");
                             setState(State.SPACE2);
                             break;
 
                         case DIGIT:
                             _responseStatus = _responseStatus * 10 + (t.getByte() - '0');
                             if (_responseStatus >= 1000)
-                                throw new BadMessageException("Bad status");
+                                throw new HttpException.RuntimeException(HttpStatus.BAD_REQUEST_400, "Bad status");
                             break;
 
                         case EOL:
@@ -902,7 +902,7 @@ else if (Violation.CASE_INSENSITIVE_METHOD.isAllowedBy(_complianceMode))
                             break;
 
                         default:
-                            throw new BadMessageException("Bad status");
+                            throw new HttpException.RuntimeException(HttpStatus.BAD_REQUEST_400, "Bad status");
                     }
                     break;
 
@@ -1154,7 +1154,7 @@ private void parsedHeader()
                         {
                             checkViolation(MULTIPLE_CONTENT_LENGTHS);
                             if (contentLength != _contentLength)
-                                throw new BadMessageException(MULTIPLE_CONTENT_LENGTHS.getDescription());
+                                throw new HttpException.RuntimeException(HttpStatus.BAD_REQUEST_400, MULTIPLE_CONTENT_LENGTHS.getDescription());
                         }
                         _hasContentLength = true;
 
@@ -1173,7 +1173,7 @@ private void parsedHeader()
 
                         // we encountered another Transfer-Encoding header, but chunked was already set
                         if (_endOfContent == EndOfContent.CHUNKED_CONTENT)
-                            throw new BadMessageException("Bad Transfer-Encoding, chunked not last");
+                            throw new HttpException.RuntimeException(HttpStatus.BAD_REQUEST_400, "Bad Transfer-Encoding, chunked not last");
 
                         if (HttpHeaderValue.CHUNKED.is(_valueString))
                         {
@@ -1190,7 +1190,7 @@ private void parsedHeader()
                                 if (HttpHeaderValue.CHUNKED.is(values.get(i)))
                                 {
                                     if (chunked != -1)
-                                        throw new BadMessageException("Bad Transfer-Encoding, multiple chunked tokens");
+                                        throw new HttpException.RuntimeException(HttpStatus.BAD_REQUEST_400, "Bad Transfer-Encoding, multiple chunked tokens");
                                     chunked = i;
                                     // declared chunked
                                     _endOfContent = EndOfContent.CHUNKED_CONTENT;
@@ -1199,7 +1199,7 @@ private void parsedHeader()
                                 // we have a non-chunked token after a declared chunked token
                                 else if (_endOfContent == EndOfContent.CHUNKED_CONTENT)
                                 {
-                                    throw new BadMessageException("Bad Transfer-Encoding, chunked not last");
+                                    throw new HttpException.RuntimeException(HttpStatus.BAD_REQUEST_400, "Bad Transfer-Encoding, chunked not last");
                                 }
                             }
                         }
@@ -1287,7 +1287,7 @@ private void parsedTrailer()
     private long convertContentLength(String valueString)
     {
         if (valueString == null || valueString.isEmpty())
-            throw new BadMessageException("Invalid Content-Length Value", new NumberFormatException());
+            throw new HttpException.RuntimeException(HttpStatus.BAD_REQUEST_400, "Invalid Content-Length Value", new NumberFormatException());
 
         long value = 0;
         int length = valueString.length();
@@ -1296,7 +1296,7 @@ private long convertContentLength(String valueString)
         {
             char c = valueString.charAt(i);
             if (c < '0' || c > '9')
-                throw new BadMessageException("Invalid Content-Length Value", new NumberFormatException());
+                throw new HttpException.RuntimeException(HttpStatus.BAD_REQUEST_400, "Invalid Content-Length Value", new NumberFormatException());
 
             value = Math.addExact(Math.multiplyExact(value, 10), c - '0');
         }
@@ -1370,14 +1370,14 @@ protected boolean parseFields(ByteBuffer buffer)
                                 {
                                     // Transfer-Encoding chunked not specified
                                     // https://tools.ietf.org/html/rfc7230#section-3.3.1
-                                    throw new BadMessageException("Bad Transfer-Encoding, chunked not last");
+                                    throw new HttpException.RuntimeException(HttpStatus.BAD_REQUEST_400, "Bad Transfer-Encoding, chunked not last");
                                 }
                             }
 
                             // Was there a required host header?
                             if (_parsedHost == null && _version == HttpVersion.HTTP_1_1 && _requestParser)
                             {
-                                throw new BadMessageException("No Host");
+                                throw new HttpException.RuntimeException(HttpStatus.BAD_REQUEST_400, "No Host");
                             }
 
                             // is it a response that cannot have a body?
@@ -1803,7 +1803,7 @@ else if (isTerminated())
                             LOG.debug("{} EOF in {}", this, _state);
                         setState(State.CLOSED);
                         if (_requestParser)
-                            _handler.badMessage(new BadMessageException(HttpStatus.BAD_REQUEST_400, "Early EOF"));
+                            _handler.badMessage(new HttpException.RuntimeException(HttpStatus.BAD_REQUEST_400, "Early EOF"));
                         else
                             _handler.badMessage(new HttpException.RuntimeException(_responseStatus, "Early EOF"));
                         break;
@@ -1821,7 +1821,7 @@ else if (isTerminated())
             else
             {
                 if (_requestParser)
-                    bad = new BadMessageException("Bad Request", x);
+                    bad = new HttpException.RuntimeException(HttpStatus.BAD_REQUEST_400, "Bad Request", x);
                 else
                     bad = new HttpException.RuntimeException(_responseStatus, "Bad Response", x);
             }
@@ -1968,7 +1968,7 @@ protected boolean parseContent(ByteBuffer buffer)
                         if (t.isHexDigit())
                         {
                             if (_chunkLength > MAX_CHUNK_LENGTH)
-                                throw new BadMessageException(HttpStatus.PAYLOAD_TOO_LARGE_413);
+                                throw new HttpException.RuntimeException(HttpStatus.PAYLOAD_TOO_LARGE_413);
                             _chunkLength = _chunkLength * 16 + t.getHexDigit();
                         }
                         else if (t.getChar() == ';')
@@ -2256,11 +2256,11 @@ public interface ResponseHandler extends HttpHandler
         void startResponse(HttpVersion version, int status, String reason);
     }
 
-    private static class IllegalCharacterException extends BadMessageException
+    private static class IllegalCharacterException extends HttpException.RuntimeException
     {
         private IllegalCharacterException(State state, HttpTokens.Token token, ByteBuffer buffer)
         {
-            super(String.format("Illegal character %s", token));
+            super(HttpStatus.BAD_REQUEST_400, String.format("Illegal character %s", token));
             if (LOG.isDebugEnabled())
                 LOG.debug(String.format("Illegal character %s in state=%s for buffer %s", token, state, BufferUtil.toDetailString(buffer)));
         }
@@ -2381,7 +2381,7 @@ protected void onComplianceViolation(ComplianceViolation violation, String value
                     if (_complianceMode.allows(violation))
                         _handler.onViolation(new ComplianceViolation.Event(_complianceMode, violation, value));
                     else
-                        throw new BadMessageException(violation.toString());
+                        throw new HttpException.RuntimeException(HttpStatus.BAD_REQUEST_400, violation.toString());
                 }
             };
         }

jetty-core/jetty-http/src/main/java/org/eclipse/jetty/http/HttpTester.java

@@ -491,7 +491,7 @@ public ByteBuffer generate()
 
                         case HEADER_OVERFLOW:
                             if (header.capacity() >= 32 * 1024)
-                                throw new BadMessageException(500, "Header too large");
+                                throw new HttpException.RuntimeException(HttpStatus.INTERNAL_SERVER_ERROR_500, "Header too large");
                             header = BufferUtil.allocate(32 * 1024);
                             continue;