cziegeler 01/04/02 23:26:22
Modified: src/org/apache/cocoon/servlet Tag: xml-cocoon2
CocoonServlet.java
webapp/WEB-INF Tag: xml-cocoon2 web.xml
Log:
Added allow-reload to the servlet configuration parameters to prevent from
DoS attacks
Revision Changes Path
No revision
No revision
1.1.4.75 +11 -3
xml-cocoon/src/org/apache/cocoon/servlet/Attic/CocoonServlet.java
Index: CocoonServlet.java
===================================================================
RCS file:
/home/cvs/xml-cocoon/src/org/apache/cocoon/servlet/Attic/CocoonServlet.java,v
retrieving revision 1.1.4.74
retrieving revision 1.1.4.75
diff -u -r1.1.4.74 -r1.1.4.75
--- CocoonServlet.java 2001/04/02 14:37:14 1.1.4.74
+++ CocoonServlet.java 2001/04/03 06:26:20 1.1.4.75
@@ -62,7 +62,7 @@
* @author <a href="mailto:[EMAIL PROTECTED]">Stefano Mazzocchi</a>
* @author <a href="mailto:[EMAIL PROTECTED]">Nicola Ken Barozzi</a> Aisa
* @author <a href="mailto:[EMAIL PROTECTED]">Berin Loritsch</a>
- * @version CVS $Revision: 1.1.4.74 $ $Date: 2001/04/02 14:37:14 $
+ * @version CVS $Revision: 1.1.4.75 $ $Date: 2001/04/03 06:26:20 $
*/
public class CocoonServlet extends HttpServlet {
@@ -77,6 +77,8 @@
protected Cocoon cocoon;
protected Exception exception;
protected DefaultContext appContext = new DefaultContext();
+ /** Allow reloading of cocoon by specifying the cocoon-reload parameter
with a request */
+ protected boolean allowReload;
private static final boolean ALLOW_OVERWRITE = false;
private static final boolean SILENTLY_RENAME = true;
@@ -136,6 +138,12 @@
this.appContext.put(Constants.CONTEXT_ROOT_PATH,
context.getRealPath("/"));
+ String value = conf.getInitParameter("allow-reload");
+ if (value == null || value.equals("yes") == true) {
+ this.allowReload = true;
+ } else {
+ this.allowReload = false;
+ }
this.createCocoon();
}
@@ -557,12 +565,12 @@
log.info("Configuration changed reload attempt");
this.createCocoon();
return this.cocoon;
- } else if ((pathInfo == null) && (reloadParam != null)) {
+ } else if ((pathInfo == null) && (this.allowReload == true) &&
(reloadParam != null)) {
log.info("Forced reload attempt");
this.createCocoon();
return this.cocoon;
}
- } else if ((pathInfo == null) && (reloadParam != null)) {
+ } else if ((pathInfo == null) && (this.allowReload == true) &&
(reloadParam != null)) {
log.info("Invalid configurations reload");
this.createCocoon();
return this.cocoon;
No revision
No revision
1.1.2.15 +4 -0 xml-cocoon/webapp/WEB-INF/Attic/web.xml
Index: web.xml
===================================================================
RCS file: /home/cvs/xml-cocoon/webapp/WEB-INF/Attic/web.xml,v
retrieving revision 1.1.2.14
retrieving revision 1.1.2.15
diff -u -r1.1.2.14 -r1.1.2.15
--- web.xml 2001/02/20 13:26:50 1.1.2.14
+++ web.xml 2001/04/03 06:26:21 1.1.2.15
@@ -27,6 +27,10 @@
<param-name>log-level</param-name>
<param-value>DEBUG</param-value>
</init-param>
+ <init-param>
+ <param-name>allow-reload</param-name>
+ <param-value>yes</param-value>
+ </init-param>
<init-param>
<param-name>load-class</param-name>
<param-value>
----------------------------------------------------------------------
In case of troubles, e-mail: [EMAIL PROTECTED]
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
