Servlet 4.0 API Challenge
Servlets 4.0 introduces support for HTTP/2 feature ServerPush. What happens when a request is made to the URI /duke over an insecure connection. i.e. over HTTP connection?
The features of HTTP/2 are only enabled over secure TLS connection when the request is made from a browser that only supports HTTP/2 over a secure connection and as all major browsers fall into this category a request to the URI /duke will not be made over HTTP/2 but rather via HTTP 1.x. This means that the server push feature will not be enabled and the call to newPushBuilder() will return null. As there are no null checks the code in the doGet() method will throw a NullPointerException.
This was a tricky question.
For further information on how to use Bean Validation’s new features please take a look at my article What’s new in Java EE 8 over at IBM developerWorks and also you should read the specifications for the Servlet 4.0 (JSR 369) API.
The Original Tweet
— Alex Theedom (@alextheedom) October 12, 2017