HttpHeaders should reject negative ContentLength values

[onjik]

Hello ! 👋

Found a code with a possible bug. here

	/**
	 * Set the length of the body in bytes, as specified by the
	 * {@code Content-Length} header.
	 */
	public void setContentLength(long contentLength) {
		set(CONTENT_LENGTH, Long.toString(contentLength));
	}

	/**
	 * Return the length of the body in bytes, as specified by the
	 * {@code Content-Length} header.
	 * <p>Returns -1 when the content-length is unknown.
	 */
	public long getContentLength() {
		String value = getFirst(CONTENT_LENGTH);
		return (value != null ? Long.parseLong(value) : -1);
	}

---

1. Negative values should not be present in this header.

"Any Content-Length greater than or equal to zero is a valid value."
https://www.rfc-editor.org/rfc/rfc2616#section-14.13

2. If the user accidentally puts in -1, a misunderstanding may occur as if there is no header by the getContentHeader().

example -> see this code.

	@Override
	protected ClientHttpResponse executeInternal(HttpHeaders headers) throws IOException {
		byte[] bytes = this.bufferedOutput.toByteArrayUnsafe();
		if (headers.getContentLength() < 0) {
			headers.setContentLength(bytes.length);
		}
		ClientHttpResponse result = executeInternal(headers, bytes);
		this.bufferedOutput.reset();
		return result;
	}

This code is checking for headers through a value of -1.

---

Let me know, If there's anything you need to change

[onjik]

hi @jhoeller !
I add some test and force push
re-approve workflow please

thank you!!

[bclozel]

Thanks for your contribution @onjik ! This is now merged.

[onjik]

@bclozel Thank you so much!!
Thank you for your prompt answer also 😀