You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by se...@apache.org on 2012/08/23 12:39:14 UTC
svn commit: r1376428 - in /cxf/branches/2.5.x-fixes: ./
rt/core/src/main/java/org/apache/cxf/interceptor/security/DepthRestrictingStreamInterceptor.java
Author: sergeyb
Date: Thu Aug 23 10:39:13 2012
New Revision: 1376428
URL: http://svn.apache.org/viewvc?rev=1376428&view=rev
Log:
Merged revisions 1376427 via svnmerge from
https://svn.apache.org/repos/asf/cxf/branches/2.6.x-fixes
................
r1376427 | sergeyb | 2012-08-23 11:36:42 +0100 (Thu, 23 Aug 2012) | 9 lines
Merged revisions 1376146 via svnmerge from
https://svn.apache.org/repos/asf/cxf/trunk
........
r1376146 | sergeyb | 2012-08-22 18:07:37 +0100 (Wed, 22 Aug 2012) | 1 line
Minor update to DepthRestrictingInInterceptor to do the best effort in ignoring all non-xml payloads
........
................
Modified:
cxf/branches/2.5.x-fixes/ (props changed)
cxf/branches/2.5.x-fixes/rt/core/src/main/java/org/apache/cxf/interceptor/security/DepthRestrictingStreamInterceptor.java
Propchange: cxf/branches/2.5.x-fixes/
------------------------------------------------------------------------------
Merged /cxf/trunk:r1376146
Merged /cxf/branches/2.6.x-fixes:r1376427
Propchange: cxf/branches/2.5.x-fixes/
------------------------------------------------------------------------------
Binary property 'svnmerge-integrated' - no diff available.
Modified: cxf/branches/2.5.x-fixes/rt/core/src/main/java/org/apache/cxf/interceptor/security/DepthRestrictingStreamInterceptor.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.5.x-fixes/rt/core/src/main/java/org/apache/cxf/interceptor/security/DepthRestrictingStreamInterceptor.java?rev=1376428&r1=1376427&r2=1376428&view=diff
==============================================================================
--- cxf/branches/2.5.x-fixes/rt/core/src/main/java/org/apache/cxf/interceptor/security/DepthRestrictingStreamInterceptor.java (original)
+++ cxf/branches/2.5.x-fixes/rt/core/src/main/java/org/apache/cxf/interceptor/security/DepthRestrictingStreamInterceptor.java Thu Aug 23 10:39:13 2012
@@ -36,8 +36,7 @@ import org.apache.cxf.staxutils.StaxUtil
* Creates an XMLStreamReader from the InputStream on the Message.
*/
public class DepthRestrictingStreamInterceptor extends AbstractPhaseInterceptor<Message> {
- private static final String FORM_CONTENT_TYPE = "application/x-www-form-urlencoded";
- private static final String JSON_CONTENT_TYPE = "application/json";
+ private static final String XML_SUB_TYPE = "xml";
private int elementCountThreshold = 2000;
private int innerElementLevelThreshold = 20;
private int innerElementCountThreshold = 50;
@@ -92,7 +91,7 @@ public class DepthRestrictingStreamInter
// custom subclasses can further customize it
protected boolean canBeIgnored(Message message) {
String ct = (String)message.get(Message.CONTENT_TYPE);
- return ct != null && (FORM_CONTENT_TYPE.equals(ct) || JSON_CONTENT_TYPE.equals(ct));
+ return ct != null && !ct.contains(XML_SUB_TYPE);
}
/**