You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by kk...@apache.org on 2011/11/08 07:37:57 UTC
svn commit: r1199122 - in /tomcat/tc6.0.x/trunk: STATUS.txt
java/org/apache/catalina/filters/CsrfPreventionFilter.java
java/org/apache/catalina/filters/FilterBase.java webapps/docs/changelog.xml
Author: kkolinko
Date: Tue Nov 8 06:37:57 2011
New Revision: 1199122
URL: http://svn.apache.org/viewvc?rev=1199122&view=rev
Log:
Make configuration issue for CsrfPreventionFilter result
in the failure of the filter rather than just a warning message.
Modified:
tomcat/tc6.0.x/trunk/STATUS.txt
tomcat/tc6.0.x/trunk/java/org/apache/catalina/filters/CsrfPreventionFilter.java
tomcat/tc6.0.x/trunk/java/org/apache/catalina/filters/FilterBase.java
tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml
Modified: tomcat/tc6.0.x/trunk/STATUS.txt
URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/STATUS.txt?rev=1199122&r1=1199121&r2=1199122&view=diff
==============================================================================
--- tomcat/tc6.0.x/trunk/STATUS.txt (original)
+++ tomcat/tc6.0.x/trunk/STATUS.txt Tue Nov 8 06:37:57 2011
@@ -73,13 +73,6 @@ PATCHES PROPOSED TO BACKPORT:
+1: kkolinko, kfujino, markt
-1:
-* Make configuration issue for CsrfPreventionFilter result
- in the failure of the filter rather than just a warning message.
- http://people.apache.org/~kkolinko/patches/2011-10-26_tc6_CsrfPreventionFilter.patch
- It is based on the filters part of r1189256 (r1189258 in TC7)
- +1: kkolinko, kfujino, jfclere
- -1:
-
* Improve performance of parameter processing.
http://people.apache.org/~markt/patches/2011-10-29-param-perf-tc6-v2.patch
http://svn.apache.org/viewvc?rev=1195222&view=rev - performance tweaks
Modified: tomcat/tc6.0.x/trunk/java/org/apache/catalina/filters/CsrfPreventionFilter.java
URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/java/org/apache/catalina/filters/CsrfPreventionFilter.java?rev=1199122&r1=1199121&r2=1199122&view=diff
==============================================================================
--- tomcat/tc6.0.x/trunk/java/org/apache/catalina/filters/CsrfPreventionFilter.java (original)
+++ tomcat/tc6.0.x/trunk/java/org/apache/catalina/filters/CsrfPreventionFilter.java Tue Nov 8 06:37:57 2011
@@ -186,6 +186,13 @@ public class CsrfPreventionFilter extend
chain.doFilter(request, wResponse);
}
+
+ @Override
+ protected boolean isConfigProblemFatal() {
+ return true;
+ }
+
+
/**
* Generate a once time token (nonce) for authenticating subsequent
* requests. This will also add the token to the session. The nonce
Modified: tomcat/tc6.0.x/trunk/java/org/apache/catalina/filters/FilterBase.java
URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/java/org/apache/catalina/filters/FilterBase.java?rev=1199122&r1=1199121&r2=1199122&view=diff
==============================================================================
--- tomcat/tc6.0.x/trunk/java/org/apache/catalina/filters/FilterBase.java (original)
+++ tomcat/tc6.0.x/trunk/java/org/apache/catalina/filters/FilterBase.java Tue Nov 8 06:37:57 2011
@@ -49,8 +49,13 @@ public abstract class FilterBase impleme
String paramName = (String) paramNames.nextElement();
if (!IntrospectionUtils.setProperty(this, paramName,
filterConfig.getInitParameter(paramName))) {
- getLogger().warn(sm.getString("filterbase.noSuchProperty",
- paramName, this.getClass().getName()));
+ String msg = sm.getString("filterbase.noSuchProperty",
+ paramName, this.getClass().getName());
+ if (isConfigProblemFatal()) {
+ throw new ServletException(msg);
+ } else {
+ getLogger().warn(msg);
+ }
}
}
}
@@ -59,4 +64,15 @@ public abstract class FilterBase impleme
// NOOP
}
+ /**
+ * Determines if an exception when calling a setter or an unknown
+ * configuration attribute triggers the failure of the this filter which in
+ * turn will prevent the web application from starting.
+ *
+ * @return <code>true</code> if a problem should trigger the failure of this
+ * filter, else <code>false</code>
+ */
+ protected boolean isConfigProblemFatal() {
+ return false;
+ }
}
Modified: tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml
URL: http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml?rev=1199122&r1=1199121&r2=1199122&view=diff
==============================================================================
--- tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml (original)
+++ tomcat/tc6.0.x/trunk/webapps/docs/changelog.xml Tue Nov 8 06:37:57 2011
@@ -98,6 +98,10 @@
In GenericPrincipal, SerializablePrincipal: Do not sort lists of roles
that have only one element. (kkolinko)
</update>
+ <add>
+ Make configuration issue for CsrfPreventionFilter result in the
+ failure of the filter rather than just a warning message. (kkolinko)
+ </add>
</changelog>
</subsection>
<subsection name="Coyote">
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org