Posted to dev@tomcat.apache.org by kk...@apache.org on 2011/11/08 07:37:57 UTC

svn commit: r1199122 - in /tomcat/tc6.0.x/trunk: STATUS.txt java/org/apache/catalina/filters/CsrfPreventionFilter.java java/org/apache/catalina/filters/FilterBase.java webapps/docs/changelog.xml

Author: kkolinko
Date: Tue Nov  8 06:37:57 2011
New Revision: 1199122

URL: http://svn.apache.org/viewvc?rev=1199122&view=rev
Log:
Make configuration issue for CsrfPreventionFilter result
in the failure of the filter rather than just a warning message.

Modified:
    tomcat/tc6.0.x/trunk/STATUS.txt
    tomcat/tc6.0.x/trunk/java/org/apache/catalina/filters/CsrfPreventionFilter.java
    tomcat/tc6.0.x/trunk/java/org/apache/catalina/filters/FilterBase.java
    tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml

Modified: tomcat/tc6.0.x/trunk/STATUS.txt
URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/STATUS.txt?rev=1199122&r1=1199121&r2=1199122&view=diff
==============================================================================
--- tomcat/tc6.0.x/trunk/STATUS.txt (original)
+++ tomcat/tc6.0.x/trunk/STATUS.txt Tue Nov  8 06:37:57 2011
@@ -73,13 +73,6 @@ PATCHES PROPOSED TO BACKPORT:
   +1: kkolinko, kfujino, markt
   -1:
 
-* Make configuration issue for CsrfPreventionFilter result
-  in the failure of the filter rather than just a warning message.
-  http://people.apache.org/~kkolinko/patches/2011-10-26_tc6_CsrfPreventionFilter.patch
-  It is based on the filters part of r1189256 (r1189258 in TC7)
-  +1: kkolinko, kfujino, jfclere
-  -1:
-
 * Improve performance of parameter processing.
   http://people.apache.org/~markt/patches/2011-10-29-param-perf-tc6-v2.patch
   http://svn.apache.org/viewvc?rev=1195222&view=rev - performance tweaks

Modified: tomcat/tc6.0.x/trunk/java/org/apache/catalina/filters/CsrfPreventionFilter.java
URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/java/org/apache/catalina/filters/CsrfPreventionFilter.java?rev=1199122&r1=1199121&r2=1199122&view=diff
==============================================================================
--- tomcat/tc6.0.x/trunk/java/org/apache/catalina/filters/CsrfPreventionFilter.java (original)
+++ tomcat/tc6.0.x/trunk/java/org/apache/catalina/filters/CsrfPreventionFilter.java Tue Nov  8 06:37:57 2011
@@ -186,6 +186,13 @@ public class CsrfPreventionFilter extend
         chain.doFilter(request, wResponse);
     }
 
+
+    @Override
+    protected boolean isConfigProblemFatal() {
+        return true;
+    }
+
+
     /**
      * Generate a once time token (nonce) for authenticating subsequent
      * requests. This will also add the token to the session. The nonce
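Review bot: The new `isConfigProblemFatal()` override has no comment saying why this filter, unlike the `FilterBase` default, treats configuration problems as fatal. The reason is security-relevant: a mistyped init-param would otherwise leave the CSRF filter running with settings the deployer did not intend, with only a log warning. I would add a short Javadoc above the `@Override`, for example `/** Fail closed: a misconfigured CSRF filter must not start with unintended settings. */`. The class body begins and continues outside this hunk.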

Modified: tomcat/tc6.0.x/trunk/java/org/apache/catalina/filters/FilterBase.java
URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/java/org/apache/catalina/filters/FilterBase.java?rev=1199122&r1=1199121&r2=1199122&view=diff
==============================================================================
--- tomcat/tc6.0.x/trunk/java/org/apache/catalina/filters/FilterBase.java (original)
+++ tomcat/tc6.0.x/trunk/java/org/apache/catalina/filters/FilterBase.java Tue Nov  8 06:37:57 2011
@@ -49,8 +49,13 @@ public abstract class FilterBase impleme
             String paramName = (String) paramNames.nextElement();
             if (!IntrospectionUtils.setProperty(this, paramName,
                     filterConfig.getInitParameter(paramName))) {
-                getLogger().warn(sm.getString("filterbase.noSuchProperty",
-                        paramName, this.getClass().getName()));
+                String msg = sm.getString("filterbase.noSuchProperty",
+                        paramName, this.getClass().getName());
+                if (isConfigProblemFatal()) {
+                    throw new ServletException(msg);
+                } else {
+                    getLogger().warn(msg);
+                }
             }
         }    
     }
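Review bot: The new fatal branch is reached only when `IntrospectionUtils.setProperty(...)` returns false, and this hunk does not show whether that also covers a known parameter with an unparsable value or a setter that throws. If the helper returns true or swallows the error in those cases, a filter that opts in would still start with a default in place of the configured value. A test that passes a bad value to a filter returning `true` would settle it. At minimum, add `// relies on setProperty returning false for rejected values as well as unknown names` above the `if`. The enclosing `init` method starts outside the hunk.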
@@ -59,4 +64,15 @@ public abstract class FilterBase impleme
         // NOOP
     }
 
+    /**
+     * Determines if an exception when calling a setter or an unknown
+     * configuration attribute triggers the failure of the this filter which in
+     * turn will prevent the web application from starting.
+     *
+     * @return <code>true</code> if a problem should trigger the failure of this
+     *         filter, else <code>false</code>
+     */
+    protected boolean isConfigProblemFatal() {
+        return false;
+    }
 }
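Review bot: The Javadoc on `isConfigProblemFatal()` has a typo (`of the this filter`) and does not tell subclass authors when to override the method. Because the default is `false`, every other `FilterBase` subclass keeps the warn-and-continue behaviour, so a filter whose settings enforce a security control stays fail-open unless its author opts in. I would fix the typo and add one sentence: `Filters that enforce a security control should override this to return <code>true</code>.`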

Modified: tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml
URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml?rev=1199122&r1=1199121&r2=1199122&view=diff
==============================================================================
--- tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml Tue Nov  8 06:37:57 2011
@@ -98,6 +98,10 @@
         In GenericPrincipal, SerializablePrincipal: Do not sort lists of roles
         that have only one element. (kkolinko)
       </update>
+      <add>
+        Make configuration issue for CsrfPreventionFilter result in the
+        failure of the filter rather than just a warning message. (kkolinko)
+      </add>
     </changelog>
   </subsection>
   <subsection name="Coyote">


