Subject: Re: [tomcat] 04/06: Allow customization of the CSRF prevention filter's request parameter name.
To: Tomcat Developers List , Konstantin Kolinko
References: <157427762383.6906.4410050993910846756@gitbox.apache.org> <20191120192024.0FE7C8B694@gitbox.apache.org>
From: Christopher Schultz
Message-ID: <6adc03d9-2324-d174-e787-e91ed719db2a@christopherschultz.net>
Date: Wed, 20 Nov 2019 15:21:39 -0500

Konstantin,

On 11/20/19 14:33, Konstantin Kolinko wrote:
> Wed, 20 Nov 2019 at 22:20, :
>>
>> This is an automated email from the ASF dual-hosted git
>> repository.
>>
>> schultz pushed a commit to branch 8.5.x in repository
>> https://gitbox.apache.org/repos/asf/tomcat.git
>>
>> View the commit online:
>> https://github.com/apache/tomcat/commit/856a2e2482fde9e8c8d0535942a70c2ddfc8d676
>>
>>
>> commit 856a2e2482fde9e8c8d0535942a70c2ddfc8d676
>> Author: Christopher Schultz
>> AuthorDate: Tue Nov 19 12:54:45 2019 -0500
>>
>> Allow customization of the CSRF prevention filter's request
>> parameter name.
>> ---
>> .../catalina/filters/CsrfPreventionFilter.java | 24 +++++++++++++++++-----
>> webapps/docs/changelog.xml | 5 +++--
>> 2 files changed, 22 insertions(+), 7 deletions(-)
>>
>> diff --git >> a/java/org/apache/catalina/filters/CsrfPreventionFilter.java >> b/java/org/apache/catalina/filters/CsrfPreventionFilter.java >> index cd1b576..fe4399f 100644 --- >> a/java/org/apache/catalina/filters/CsrfPreventionFilter.java +++ >> b/java/org/apache/catalina/filters/CsrfPreventionFilter.java > > [...] > >> - public CsrfResponseWrapper(HttpServletResponse response, >> String nonce) { + public >> CsrfResponseWrapper(HttpServletResponse response, String >> nonceRequestParameterName, String nonce) { super(response); + >> this.nonceRequestParameterName = nonceRequestParameterName; >> this.nonce = nonce; }
>
> Tests need to be adjusted, as they use the constructor above. See
> remm's commit on master for a fix,
> https://github.com/apache/tomcat/commit/9d7cb5468fbf2df4709c222b472bd86a26c9d4b6

ACK

Thanks for the review, again.

-chris
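
Review bot: in the CsrfResponseWrapper constructor, the public two-argument signature is replaced outright rather than overloaded, which on a stable branch (8.5.x here) breaks every existing caller at compile time; the tests mentioned in the review are one such caller. Consider keeping `CsrfResponseWrapper(HttpServletResponse response, String nonce)` and having it delegate to the new constructor with the previously fixed parameter name. The new argument sits next to `nonce` and both are `String`, so a call with the two swapped still compiles; and `this.nonceRequestParameterName = nonceRequestParameterName;` stores the value unchecked, so a null or empty name only shows up later when the field is used. Rejecting a null or empty name in the constructor would keep that failure at the point of misconfiguration.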