提交 2899d8b8 编写于 作者: C chegar

7126960: Add property to limit number of request headers to the HTTP Server

Reviewed-by: michaelm
上级 9588c551
...@@ -203,6 +203,13 @@ class Request { ...@@ -203,6 +203,13 @@ class Request {
v = new String(); v = new String();
else else
v = String.copyValueOf(s, keyend, len - keyend); v = String.copyValueOf(s, keyend, len - keyend);
if (hdrs.size() >= ServerConfig.getMaxReqHeaders()) {
throw new IOException("Maximum number of request headers (" +
"sun.net.httpserver.maxReqHeaders) exceeded, " +
ServerConfig.getMaxReqHeaders() + ".");
}
hdrs.add (k,v); hdrs.add (k,v);
len = 0; len = 0;
} }
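Review bot: The new guard `hdrs.size() >= ServerConfig.getMaxReqHeaders()` ahead of `hdrs.add (k,v)` may be counting distinct header names rather than header lines. If `hdrs` is the name-keyed `Headers` map (its declaration is outside the hunk), a request that repeats one name many times keeps `size()` at 1 and never reaches the limit, while that name's value list keeps growing. Counting parsed header lines per request would bound both cases, for example a local counter checked as `if (++hdrCount > ServerConfig.getMaxReqHeaders())`, where `hdrCount` is a new variable and not something in the patch. A one-line comment above the check saying which quantity is bounded, such as `// cap the number of request headers accepted from the peer`, would make the intent explicit. The enclosing method starts and ends outside the hunk.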
......
/* /*
* Copyright (c) 2005, 2010, Oracle and/or its affiliates. All rights reserved. * Copyright (c) 2005, 2012, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
* *
* This code is free software; you can redistribute it and/or modify it * This code is free software; you can redistribute it and/or modify it
...@@ -25,8 +25,6 @@ ...@@ -25,8 +25,6 @@
package sun.net.httpserver; package sun.net.httpserver;
import com.sun.net.httpserver.*;
import com.sun.net.httpserver.spi.*;
import java.util.logging.Logger; import java.util.logging.Logger;
import java.security.PrivilegedAction; import java.security.PrivilegedAction;
...@@ -37,74 +35,75 @@ import java.security.PrivilegedAction; ...@@ -37,74 +35,75 @@ import java.security.PrivilegedAction;
class ServerConfig { class ServerConfig {
static int clockTick; private static final int DEFAULT_CLOCK_TICK = 10000 ; // 10 sec.
static final int DEFAULT_CLOCK_TICK = 10000 ; // 10 sec.
/* These values must be a reasonable multiple of clockTick */ /* These values must be a reasonable multiple of clockTick */
static final long DEFAULT_IDLE_INTERVAL = 30 ; // 5 min private static final long DEFAULT_IDLE_INTERVAL = 30 ; // 5 min
static final int DEFAULT_MAX_IDLE_CONNECTIONS = 200 ; private static final int DEFAULT_MAX_IDLE_CONNECTIONS = 200 ;
private static final long DEFAULT_MAX_REQ_TIME = -1; // default: forever
private static final long DEFAULT_MAX_RSP_TIME = -1; // default: forever
private static final long DEFAULT_TIMER_MILLIS = 1000;
private static final int DEFAULT_MAX_REQ_HEADERS = 200;
private static final long DEFAULT_DRAIN_AMOUNT = 64 * 1024;
private static int clockTick;
private static long idleInterval;
// The maximum number of bytes to drain from an inputstream
private static long drainAmount;
private static int maxIdleConnections;
// The maximum number of request headers allowable
private static int maxReqHeaders;
// max time a request or response is allowed to take
private static long maxReqTime;
private static long maxRspTime;
private static long timerMillis;
private static boolean debug;
static final long DEFAULT_MAX_REQ_TIME = -1; // default: forever // the value of the TCP_NODELAY socket-level option
static final long DEFAULT_MAX_RSP_TIME = -1; // default: forever private static boolean noDelay;
static final long DEFAULT_TIMER_MILLIS = 1000;
static final long DEFAULT_DRAIN_AMOUNT = 64 * 1024; static {
java.security.AccessController.doPrivileged(
new PrivilegedAction<Void>() {
@Override
public Void run () {
idleInterval = Long.getLong("sun.net.httpserver.idleInterval",
DEFAULT_IDLE_INTERVAL) * 1000;
static long idleInterval; clockTick = Integer.getInteger("sun.net.httpserver.clockTick",
static long drainAmount; // max # of bytes to drain from an inputstream DEFAULT_CLOCK_TICK);
static int maxIdleConnections;
// max time a request or response is allowed to take maxIdleConnections = Integer.getInteger(
static long maxReqTime; "sun.net.httpserver.maxIdleConnections",
static long maxRspTime; DEFAULT_MAX_IDLE_CONNECTIONS);
static long timerMillis;
static boolean debug = false;
static { drainAmount = Long.getLong("sun.net.httpserver.drainAmount",
DEFAULT_DRAIN_AMOUNT);
idleInterval = ((Long)java.security.AccessController.doPrivileged( maxReqHeaders = Integer.getInteger(
new sun.security.action.GetLongAction( "sun.net.httpserver.maxReqHeaders",
"sun.net.httpserver.idleInterval", DEFAULT_MAX_REQ_HEADERS);
DEFAULT_IDLE_INTERVAL))).longValue() * 1000;
maxReqTime = Long.getLong("sun.net.httpserver.maxReqTime",
clockTick = ((Integer)java.security.AccessController.doPrivileged( DEFAULT_MAX_REQ_TIME);
new sun.security.action.GetIntegerAction(
"sun.net.httpserver.clockTick", maxRspTime = Long.getLong("sun.net.httpserver.maxRspTime",
DEFAULT_CLOCK_TICK))).intValue(); DEFAULT_MAX_RSP_TIME);
maxIdleConnections = ((Integer)java.security.AccessController.doPrivileged(
new sun.security.action.GetIntegerAction(
"sun.net.httpserver.maxIdleConnections",
DEFAULT_MAX_IDLE_CONNECTIONS))).intValue();
drainAmount = ((Long)java.security.AccessController.doPrivileged(
new sun.security.action.GetLongAction(
"sun.net.httpserver.drainAmount",
DEFAULT_DRAIN_AMOUNT))).longValue();
maxReqTime = ((Long)java.security.AccessController.doPrivileged(
new sun.security.action.GetLongAction(
"sun.net.httpserver.maxReqTime",
DEFAULT_MAX_REQ_TIME))).longValue();
maxRspTime = ((Long)java.security.AccessController.doPrivileged(
new sun.security.action.GetLongAction(
"sun.net.httpserver.maxRspTime",
DEFAULT_MAX_RSP_TIME))).longValue();
timerMillis = ((Long)java.security.AccessController.doPrivileged(
new sun.security.action.GetLongAction(
"sun.net.httpserver.timerMillis",
DEFAULT_TIMER_MILLIS))).longValue();
debug = ((Boolean)java.security.AccessController.doPrivileged(
new sun.security.action.GetBooleanAction(
"sun.net.httpserver.debug"))).booleanValue();
}
timerMillis = Long.getLong("sun.net.httpserver.timerMillis",
DEFAULT_TIMER_MILLIS);
static void checkLegacyProperties (final Logger logger) { debug = Boolean.getBoolean("sun.net.httpserver.debug");
noDelay = Boolean.getBoolean("sun.net.httpserver.nodelay");
return null;
}
});
}
static void checkLegacyProperties(final Logger logger) {
// legacy properties that are no longer used // legacy properties that are no longer used
// print a warning to logger if they are set. // print a warning to logger if they are set.
...@@ -141,35 +140,43 @@ class ServerConfig { ...@@ -141,35 +140,43 @@ class ServerConfig {
); );
} }
static boolean debugEnabled () { static boolean debugEnabled() {
return debug; return debug;
} }
static long getIdleInterval () { static long getIdleInterval() {
return idleInterval; return idleInterval;
} }
static int getClockTick () { static int getClockTick() {
return clockTick; return clockTick;
} }
static int getMaxIdleConnections () { static int getMaxIdleConnections() {
return maxIdleConnections; return maxIdleConnections;
} }
static long getDrainAmount () { static long getDrainAmount() {
return drainAmount; return drainAmount;
} }
static long getMaxReqTime () { static int getMaxReqHeaders() {
return maxReqHeaders;
}
static long getMaxReqTime() {
return maxReqTime; return maxReqTime;
} }
static long getMaxRspTime () { static long getMaxRspTime() {
return maxRspTime; return maxRspTime;
} }
static long getTimerMillis () { static long getTimerMillis() {
return timerMillis; return timerMillis;
} }
static boolean noDelay() {
return noDelay;
}
} }
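Review bot: `maxReqHeaders` is assigned directly from `Integer.getInteger("sun.net.httpserver.maxReqHeaders", DEFAULT_MAX_REQ_HEADERS)` in the static initializer with no range check. A zero or negative setting therefore makes the `hdrs.size() >= ServerConfig.getMaxReqHeaders()` test in Request true on the first header, and every request that carries a header is refused. Either fall back to the default, `if (maxReqHeaders <= 0) maxReqHeaders = DEFAULT_MAX_REQ_HEADERS;`, or state in the field comment that non-positive values are unsupported. The `// 5 min` comment on `DEFAULT_IDLE_INTERVAL = 30` also looks stale, since the value is only multiplied by 1000 and so reads as 30 seconds.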