Skip to content

[HTTP] Small comment#125106

Merged
ManickaP merged 1 commit intodotnet:mainfrom
ManickaP:comment
Mar 3, 2026
Merged

[HTTP] Small comment#125106
ManickaP merged 1 commit intodotnet:mainfrom
ManickaP:comment

Conversation

@ManickaP
Copy link
Member

@ManickaP ManickaP commented Mar 3, 2026

No description provided.

Copilot AI review requested due to automatic review settings March 3, 2026 09:07
@dotnet-policy-service
Copy link
Contributor

dotnet-policy-service bot commented Mar 3, 2026

Tagging subscribers to this area: @karelz, @dotnet/ncl
See info in area-owners.md if you want to be subscribed.

Copilot AI reviewed Mar 3, 2026
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR adds a small explanatory comment to HttpMessageInvoker.cs to document why the _handler field should remain private.

Changes:

  • Adds a two-line comment above the _handler field explaining the rationale for keeping it private

This was referenced Mar 3, 2026
Open
Open
@ManickaP ManickaP merged commit 0a4a347 into dotnet:main Mar 3, 2026
93 of 96 checks passed
@ManickaP ManickaP deleted the comment branch March 3, 2026 12:10
stephentoub
stephentoub reviewed Mar 3, 2026
View reviewed changes
src/libraries/System.Net.Http/src/System/Net/Http/HttpMessageInvoker.cs
@@ -11,6 +11,8 @@ public class HttpMessageInvoker : IDisposable
{
private volatile bool _disposed;
private readonly bool _disposeHandler;
// Do not make the _handler field public.
// Exposing it might interfere with HttpClientFactory handler recycling behavior.
Copy link
Member

@stephentoub stephentoub Mar 3, 2026
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't understand this comment.
a) We would never make _handler public for .NET API design reasons.
b) It's unclear how exposing the additional information (e.g. as a get-only property) would interfere with recycling behavior.

Copy link
Member Author

@ManickaP ManickaP Mar 3, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If the user has access to the instance, they could then keep it alive longer than the client (by storing it somewhere) and that would break the recycling logic in HCF. This was one of the recommendations coming out of a discussion about HCF Threat Model.

Copy link
Member

@stephentoub stephentoub Mar 3, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is about GC lifetime? The HttpMessageInvoker itself stores a reference to it. If the user is holding on to the HttpMessageInvoker, they're holding on to the handler indirectly. Moreover, to construct HttpMessageInvoker requires passing the handler into the ctor, so whoever constructed the HttpMessageInvoker could still be holding a direct reference to the instance.

ManickaP added a commit that referenced this pull request Mar 3, 2026
@ManickaP
Revert "[HTTP] Small comment (#125106)"
82e1055 
This reverts commit 0a4a347.
@ManickaP ManickaP mentioned this pull request Mar 3, 2026
Merged
ManickaP added a commit that referenced this pull request Mar 3, 2026
@ManickaP
Revert "[HTTP] Small comment" (#125120)
df927b5 
Reverts #125106
@dotnet-maestro dotnet-maestro bot mentioned this pull request Mar 4, 2026
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@stephentoub stephentoub stephentoub left review comments

Copilot code review Copilot Copilot left review comments

@rzikm rzikm rzikm approved these changes

Assignees

@ManickaP ManickaP

Labels

area-System.Net.Http

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@ManickaP @stephentoub @rzikm