Author: jcompagner
Date: Thu Apr 15 15:44:02 2010
New Revision: 934460
URL: http://svn.apache.org/viewvc?rev=934460&view=rev
Log:
protection against url altering, setting a very high number of the url depth
would mean a very large string would be generated.
Modified:
wicket/branches/wicket-1.4.x/wicket/src/main/java/org/apache/wicket/request/RequestParameters.java
Modified:
wicket/branches/wicket-1.4.x/wicket/src/main/java/org/apache/wicket/request/RequestParameters.java
URL:
http://svn.apache.org/viewvc/wicket/branches/wicket-1.4.x/wicket/src/main/java/org/apache/wicket/request/RequestParameters.java?rev=934460&r1=934459&r2=934460&view=diff
==============================================================================
---
wicket/branches/wicket-1.4.x/wicket/src/main/java/org/apache/wicket/request/RequestParameters.java
(original)
+++
wicket/branches/wicket-1.4.x/wicket/src/main/java/org/apache/wicket/request/RequestParameters.java
Thu Apr 15 15:44:02 2010
@@ -42,6 +42,8 @@ import org.apache.wicket.protocol.http.r
*/
public class RequestParameters implements IClusterable
{
+ private static final int MAX_URL_DEPTH = 75;
+
private static final long serialVersionUID = 1L;
/** the full path to a component (might be just the page). */
@@ -358,6 +360,8 @@ public class RequestParameters implement
*/
public void setUrlDepth(int urlDepth)
{
+ if (urlDepth > MAX_URL_DEPTH)
+ throw new RuntimeException("Url depth to large: " +
urlDepth);
this.urlDepth = urlDepth;
}
