HTTP/2: Parse request-target path like Vert.x (4.1 backport)

[yawkat]

Manual backport of #16810 to 4.1.

This is not a literal bot auto-port: the Java source, tests, fuzz test, and microbenchmark changes from the 4.2 PR applied as-is, but the root pom.xml needed a 4.1-specific conflict resolution. The backport keeps 4.1's existing junit.version (5.12.1) and adds only jazzer.version (0.30.0) for the new fuzz test, instead of taking 4.2's newer JUnit/JUnit Platform version lines.

Cherry-picked source commit: a42c7fc

---

Motivation:

HttpConversionUtil.toHttp2Headers currently depends on java.net.URI for absolute-form request-target parsing. On JDKs that still enforce older URI syntax, path or query characters that appear in real HTTP request-targets can make HTTP/1.x to HTTP/2 conversion fail before :path is produced.

Netty only needs URI parsing for the lower-frequency scheme://authority validation/extraction path. The hot path/query extraction can follow the same lightweight parsing shape used by Vert.x while avoiding full URI parsing and avoiding a try/catch fallback.

Modification:

• Split request-target path and query parsing into Vert.x-shaped parsePath and parseQuery helpers, with comments for Netty-specific differences.
• Keep URI parsing for scheme://authority validation/extraction only after stripping path/query/fragment data.
• Preserve origin-form and asterisk-form behavior.
• Add regression tests for characters rejected by java.net.URI, authority-only and missing-authority absolute-form targets, empty query/fragment handling, and malformed authority validation.
• Add a Jazzer fuzz test that compares the new behavior against the old URI-based conversion using broad consumeString(128) request-target input and narrow documented compatibility exceptions.

4.1 CI note:

The Jazzer test is opt-in via JAZZER_FUZZ=1 on this branch. Netty 4.1 CI still runs Linux jobs on old CentOS images whose glibc is too old for Jazzer's native driver. The initial CI failure was:

HttpConversionUtilFuzzTest.currentConversionMatchesOldUriBasedConversion → Failed to run Agent.install → libjazzer_driver_*.so: /lib64/libc.so.6: version 'GLIBC_2.14' not found.

The deterministic HttpConversionUtilTest regression tests still run by default; the fuzz oracle remains available on compatible hosts by setting JAZZER_FUZZ=1.

Result:

HTTP/2 conversion no longer relies on full java.net.URI parsing for request-target path/query extraction, while preserving meaningful existing behavior and continuing to validate/extract scheme and authority through URI where appropriate.

Verification performed locally:

• Default CI-like targeted path: ./mvnw -pl codec-http2 -am -Drevapi.skip=true -DskipJapicmp -DskipHttp2Testsuite -DskipAutobahn -Dcheckstyle.skip=true -Dforbiddenapis.skip=true -Danimal.sniffer.skip=true -Dsurefire.failIfNoSpecifiedTests=false -Dtest=HttpConversionUtilTest,HttpConversionUtilFuzzTest test — 31 tests, 0 failures, 1 skipped (HttpConversionUtilFuzzTest).
• Opt-in fuzz path: JAZZER_FUZZ=1 ./mvnw -pl codec-http2 -am -Drevapi.skip=true -DskipJapicmp -DskipHttp2Testsuite -DskipAutobahn -Dcheckstyle.skip=true -Dforbiddenapis.skip=true -Danimal.sniffer.skip=true -Dsurefire.failIfNoSpecifiedTests=false -Dtest=HttpConversionUtilFuzzTest test — fuzz test ran successfully on the local JDK 21 host.
• Checkstyle/compile path: ./mvnw -pl codec-http2 -am -DskipTests -Drevapi.skip=true -DskipJapicmp -DskipHttp2Testsuite -DskipAutobahn -Dforbiddenapis.skip=true -Danimal.sniffer.skip=true test — build success.

Notes:

• Java LSP diagnostics were unavailable locally because jdtls is not installed in the environment.
• The 4.1 backport keeps 4.1's existing junit.version and only adds jazzer.version; codec-http2 excludes Jazzer's JUnit/JUnit Platform transitives so the branch-managed test stack is used.

[yawkat]

I manually checked that the production code is identical to the 4.2 PR