Set HTTP header when processing logout request

The proxy can then use this information to terminate client connection. This is conformant to RFC 5734 which requires the server to disconnect upon responding to EPP logout request: https://tools.ietf.org/html/rfc5734#section-2 We cannot set "Connection: close" because it is stripped away by App Engine: https://cloud.google.com/appengine/docs/standard/java/how-requests-are-handled#headers_removed ------------- Created by MOE: https://github.com/google/moe MOE_MIGRATED_REVID=173904515
2025-05-13 16:07:15 +02:00 · 2017-10-30 09:33:44 -07:00 · 2017-10-30 09:33:44 -07:00 · b0e062d725
commit b0e062d725
parent abf877f5ae
1 changed files with 20 additions and 13 deletions
--- a/java/google/registry/flows/EppRequestHandler.java
+++ b/java/google/registry/flows/EppRequestHandler.java
@ -12,15 +12,16 @@
 // See the License for the specific language governing permissions and
 // limitations under the License.

-
 package google.registry.flows;

 import static google.registry.flows.EppXmlTransformer.marshalWithLenientRetry;
+import static google.registry.model.eppoutput.Result.Code.SUCCESS_AND_CLOSE;
 import static java.nio.charset.StandardCharsets.UTF_8;
 import static javax.servlet.http.HttpServletResponse.SC_BAD_REQUEST;
 import static javax.servlet.http.HttpServletResponse.SC_OK;

 import com.google.common.net.MediaType;
+import google.registry.model.eppoutput.EppOutput;
 import google.registry.request.Response;
 import google.registry.util.FormattingLogger;
 import javax.inject.Inject;
@ -35,7 +36,9 @@ public class EppRequestHandler {

  @Inject EppController eppController;
  @Inject Response response;
-  @Inject EppRequestHandler() {}
+
+  @Inject
+  EppRequestHandler() {}

  /** Handle an EPP request and write out a servlet response. */
  public void executeEpp(
@ -46,23 +49,27 @@ public class EppRequestHandler {
      boolean isSuperuser,
      byte[] inputXmlBytes) {
    try {
-      response.setPayload(new String(
-          marshalWithLenientRetry(
+      EppOutput eppOutput =
          eppController.handleEppCommand(
-                  sessionMetadata,
-                  credentials,
-                  eppRequestSource,
-                  isDryRun,
-                  isSuperuser,
-                  inputXmlBytes)),
-          UTF_8));
+              sessionMetadata, credentials, eppRequestSource, isDryRun, isSuperuser, inputXmlBytes);
+      response.setPayload(new String(marshalWithLenientRetry(eppOutput), UTF_8));
      response.setContentType(APPLICATION_EPP_XML);
      // Note that we always return 200 (OK) even if the EppController returns an error response.
-      // This is because returning an non-OK HTTP status code will cause the proxy server to
+      // This is because returning a non-OK HTTP status code will cause the proxy server to
      // silently close the connection without returning any data. The only time we will ever return
      // a non-OK status (400) is if we fail to muster even an EPP error response message. In that
      // case it's better to close the connection than to return garbage.
      response.setStatus(SC_OK);
+      // Per RFC 5734, a server receiving a logout command must end the EPP session and close the
+      // TCP connection. Since the app itself only gets HttpServletRequest and is not aware of TCP
+      // sessions, it simply sets the HTTP response header to indicate the connection should be
+      // closed by the proxy. Whether the EPP proxy actually terminates the connection with the
+      // client is up to its implementation.
+      // See: https://tools.ietf.org/html/rfc5734#section-2
+      if (eppOutput.isResponse()
+          && eppOutput.getResponse().getResult().getCode() == SUCCESS_AND_CLOSE) {
+        response.setHeader("Epp-Session", "close");
+      }
    } catch (Exception e) {
      logger.warning(e, "handleEppCommand general exception");
      response.setStatus(SC_BAD_REQUEST);