[
https://issues.apache.org/jira/browse/KNOX-2832?focusedWorklogId=823257&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-823257
]
ASF GitHub Bot logged work on KNOX-2832:
----------------------------------------
Author: ASF GitHub Bot
Created on: 04/Nov/22 04:42
Start Date: 04/Nov/22 04:42
Worklog Time Spent: 10m
Work Description: lmccay commented on code in PR #668:
URL: https://github.com/apache/knox/pull/668#discussion_r1013604525
##########
gateway-provider-security-webappsec/src/main/java/org/apache/knox/gateway/webappsec/deploy/WebAppSecContributor.java:
##########
@@ -150,12 +165,24 @@ public void contributeFilter(DeploymentContext
context,
}
}
- private void provisionConfig(ResourceDescriptor resource, Map<String,String>
providerParams,
- List<FilterParamDescriptor> params, String prefix) {
- for(Entry<String, String> entry : providerParams.entrySet()) {
+ private void provisionConfig(ResourceDescriptor resource, Map<String,
String> providerParams,
+ List<FilterParamDescriptor> params, String
prefix, boolean cutPrefix, boolean toLowerCase) {
Review Comment:
Why did you add these cure cutPrefix and toLowerCase - does the DOS filter
treat the params as case sensitive?
Issue Time Tracking
-------------------
Worklog Id: (was: 823257)
Time Spent: 20m (was: 10m)
> Convert JettyDOS provider to a rate limiting option in webappsec
> ----------------------------------------------------------------
>
> Key: KNOX-2832
> URL: https://issues.apache.org/jira/browse/KNOX-2832
> Project: Apache Knox
> Issue Type: Task
> Components: Server
> Affects Versions: 2.0.0
> Reporter: Sandor Molnar
> Assignee: Balazs Marton
> Priority: Critical
> Fix For: 2.0.0
>
> Time Spent: 20m
> Remaining Estimate: 0h
>
> It'd be better to remove the recently created {{JettyDos}} security provider
> and have it functionality wired into Knox's existing {{webappsec}} provider
> just like other security elements (e.g. XFrame, CORS, XSS,...)
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
