geronimo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Jarek Gawor (JIRA)" <>
Subject [jira] Commented: (GERONIMO-4874) Improve the console filter performance
Date Fri, 18 Sep 2009 15:07:16 GMT


Jarek Gawor commented on GERONIMO-4874:

Maybe I'm not understanding this, but how do you handle the case where the </body> keyword
is broken apart in two or more separate buffers. That is, for example, the first .write()
call passes a buffer that ends with "</bo" and the next .write() call passes a buffer that
starts with "dy>"?

> Improve the console filter performance
> --------------------------------------
>                 Key: GERONIMO-4874
>                 URL:
>             Project: Geronimo
>          Issue Type: Improvement
>      Security Level: public(Regular issues) 
>          Components: console
>    Affects Versions: 2.1.4, 2.1.5, 2.2, 3.0
>         Environment: All
>            Reporter: Jack Cai
>            Priority: Minor
>         Attachments: GERONIMO-4874.patch, GERONIMO-4874_0918.patch
> Current console filter for blocking XSRF attack does not scale well as it need to read
all the output into a string and then do some text replacement. This will use a lot of memory
in extreme cases. See the discussion [1].
> [1]

This message is automatically generated by JIRA.
You can reply to this email to add a comment to the issue online.

View raw message