bruno 2003/10/28 03:40:47
Modified: src/blocks/woody/java/org/apache/cocoon/woody/formmodel
Repeater.java
Log:
Fixed TODO about limitting repeater sizes.
Revision Changes Path
1.11 +6 -2
cocoon-2.1/src/blocks/woody/java/org/apache/cocoon/woody/formmodel/Repeater.java
Index: Repeater.java
===================================================================
RCS file:
/home/cvs/cocoon-2.1/src/blocks/woody/java/org/apache/cocoon/woody/formmodel/Repeater.java,v
retrieving revision 1.10
retrieving revision 1.11
diff -u -r1.10 -r1.11
--- Repeater.java 24 Sep 2003 20:47:06 -0000 1.10
+++ Repeater.java 28 Oct 2003 11:40:47 -0000 1.11
@@ -137,11 +137,15 @@
} catch (NumberFormatException exc) {
// do nothing
}
+
+ // some protection against people who might try to exhaust the
server by supplying very large
+ // size parameters
+ if (size > 500)
+ throw new RuntimeException("Client is not allowed to specify
a repeater size larger than 500.");
+
int currentSize = getSize();
if (currentSize < size) {
for (int i = currentSize; i < size; i++) {
- // TODO: a person with bad intents could pass a very
large size parameter, maybe we should
- // check for a built-in limit or something.
addRow();
}
} else if (currentSize > size) {
