yyj8 commented on code in PR #23634:
URL: https://github.com/apache/pulsar/pull/23634#discussion_r1859776553
##########
pulsar-broker-common/src/main/java/org/apache/pulsar/common/configuration/VipStatus.java:
##########
@@ -47,13 +47,33 @@ public class VipStatus {
// log a full thread dump when a deadlock is detected in status check once
every 10 minutes
// to prevent excessive logging
private static final long LOG_THREADDUMP_INTERVAL_WHEN_DEADLOCK_DETECTED =
600000L;
- private static volatile long threadDumpLoggedTimestamp;
+ private static volatile long lastCheckStatusTimestamp;
+
+ // Since the status endpoint doesn't have authentication, it will be
necessary to have a solution to prevent
+ // introducing a new DoS vulnerability where calling the status endpoint
in a tight loop could introduce
+ // significant load to the system. One way would be to check that the
deadlock check is executed only
+ // when there's more than 1 seconds from the previous check.
+ // If it's less than that, the previous result of the deadlock check would
be reused.
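Review bot: The new comment above `lastCheckStatusTimestamp` is worded as a proposal ("it will be necessary to have a solution", "One way would be") instead of describing what the code does; restate it as the implemented behaviour (the deadlock check runs at most once per second and the previous result is reused otherwise) and fix "1 seconds". Two further points on the same field. A plain `volatile long` leaves the check-then-update of the timestamp non-atomic, so concurrent unauthenticated requests can all pass the interval test at the same moment unless the update is synchronized or done with a compare-and-set. Also, since `threadDumpLoggedTimestamp` is replaced in this hunk, confirm that the 10-minute thread-dump throttle described by `LOG_THREADDUMP_INTERVAL_WHEN_DEADLOCK_DETECTED` still has its own timestamp and does not share the one used for the 1-second interval.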
Review Comment:
>
This is a great proposal, and I will modify it.
--
This is an automated message from the Apache Git Service.