You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by se...@apache.org on 2012/08/23 12:39:14 UTC

svn commit: r1376428 - in /cxf/branches/2.5.x-fixes: ./ rt/core/src/main/java/org/apache/cxf/interceptor/security/DepthRestrictingStreamInterceptor.java

Author: sergeyb
Date: Thu Aug 23 10:39:13 2012
New Revision: 1376428

URL: http://svn.apache.org/viewvc?rev=1376428&view=rev
Log:
Merged revisions 1376427 via svnmerge from 
https://svn.apache.org/repos/asf/cxf/branches/2.6.x-fixes

................
  r1376427 | sergeyb | 2012-08-23 11:36:42 +0100 (Thu, 23 Aug 2012) | 9 lines
  
  Merged revisions 1376146 via svnmerge from 
  https://svn.apache.org/repos/asf/cxf/trunk
  
  ........
    r1376146 | sergeyb | 2012-08-22 18:07:37 +0100 (Wed, 22 Aug 2012) | 1 line
    
    Minor update to DepthRestrictingInInterceptor to do the best effort in ignoring all non-xml payloads
  ........
................

Modified:
    cxf/branches/2.5.x-fixes/   (props changed)
    cxf/branches/2.5.x-fixes/rt/core/src/main/java/org/apache/cxf/interceptor/security/DepthRestrictingStreamInterceptor.java

Propchange: cxf/branches/2.5.x-fixes/
------------------------------------------------------------------------------
  Merged /cxf/trunk:r1376146
  Merged /cxf/branches/2.6.x-fixes:r1376427

Propchange: cxf/branches/2.5.x-fixes/
------------------------------------------------------------------------------
Binary property 'svnmerge-integrated' - no diff available.

Modified: cxf/branches/2.5.x-fixes/rt/core/src/main/java/org/apache/cxf/interceptor/security/DepthRestrictingStreamInterceptor.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.5.x-fixes/rt/core/src/main/java/org/apache/cxf/interceptor/security/DepthRestrictingStreamInterceptor.java?rev=1376428&r1=1376427&r2=1376428&view=diff
==============================================================================
--- cxf/branches/2.5.x-fixes/rt/core/src/main/java/org/apache/cxf/interceptor/security/DepthRestrictingStreamInterceptor.java (original)
+++ cxf/branches/2.5.x-fixes/rt/core/src/main/java/org/apache/cxf/interceptor/security/DepthRestrictingStreamInterceptor.java Thu Aug 23 10:39:13 2012
@@ -36,8 +36,7 @@ import org.apache.cxf.staxutils.StaxUtil
  * Creates an XMLStreamReader from the InputStream on the Message.
  */
 public class DepthRestrictingStreamInterceptor extends AbstractPhaseInterceptor<Message> {
-    private static final String FORM_CONTENT_TYPE = "application/x-www-form-urlencoded";
-    private static final String JSON_CONTENT_TYPE = "application/json";
+    private static final String XML_SUB_TYPE = "xml";
     private int elementCountThreshold = 2000;
     private int innerElementLevelThreshold = 20;
     private int innerElementCountThreshold = 50;
@@ -92,7 +91,7 @@ public class DepthRestrictingStreamInter
     // custom subclasses can further customize it
     protected boolean canBeIgnored(Message message) {
         String ct = (String)message.get(Message.CONTENT_TYPE);
-        return ct != null && (FORM_CONTENT_TYPE.equals(ct) || JSON_CONTENT_TYPE.equals(ct));
+        return ct != null && !ct.contains(XML_SUB_TYPE);
     }
     
     /**