Author: tmckay
Date: 2013-12-20 16:33:21 +0000 (Fri, 20 Dec 2013)
New Revision: 5788
Modified:
branches/statusquo/cumin/bin/cumin-web
branches/statusquo/cumin/python/cumin/config.py
branches/statusquo/cumin/python/cumin/main.py
branches/statusquo/wooly/python/wooly/server.py
Log:
Allow configurable limit on uri length
BZ983134
Modified: branches/statusquo/cumin/bin/cumin-web
===================================================================
--- branches/statusquo/cumin/bin/cumin-web 2013-11-05 14:04:07 UTC (rev 5787)
+++ branches/statusquo/cumin/bin/cumin-web 2013-12-20 16:33:21 UTC (rev 5788)
@@ -219,6 +219,9 @@
set_ldap_configs(cumin, values)
set_kerberos_configs(cumin, values)
+ # Set max_uri to 0 for unlimited...
+ cumin.max_uri = values.max_uri
+
# Not used right now
#cumin.auth_create_ondemand = values.auth_create_ondemand
#cumin.auth_proxy = values.auth_proxy
Modified: branches/statusquo/cumin/python/cumin/config.py
===================================================================
--- branches/statusquo/cumin/python/cumin/config.py 2013-11-05 14:04:07 UTC (rev 5787)
+++ branches/statusquo/cumin/python/cumin/config.py 2013-12-20 16:33:21 UTC (rev 5788)
@@ -275,6 +275,11 @@
param = ConfigParameter(self, "force-html-doctype", bool)
param.default = False
+ # Undocumented. Server generates 414 errors if uri length
+ # is longer than this value. 0 means unlimited.
+ param = ConfigParameter(self, "max-uri", int)
+ param.default = 2048
+
class CuminDataConfigSection(BrokeredConfigSection):
def __init__(self, config, name, strict_section=False):
super(CuminDataConfigSection, self).__init__(config, name,
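Review bot: A negative `max-uri` is not rejected anywhere in this commit, and the check added in wooly/server.py (`if self.max_uri and url_len > self.max_uri`) treats a negative value as a limit that every request exceeds, so a sign typo in the config would answer 414 to all requests. Clamp or validate where the value is applied, for example `cumin.max_uri = max(0, values.max_uri)` in bin/cumin-web; whether `ConfigParameter` can enforce a range itself is not visible here. The comment also marks the option as "Undocumented", but since 0 switches the limit off entirely I would document it, e.g. `# max-uri: longest request URI accepted before the server answers 414; 0 disables the check.` The enclosing `__init__` starts outside this hunk.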
Modified: branches/statusquo/cumin/python/cumin/main.py
===================================================================
--- branches/statusquo/cumin/python/cumin/main.py 2013-11-05 14:04:07 UTC (rev 5787)
+++ branches/statusquo/cumin/python/cumin/main.py 2013-12-20 16:33:21 UTC (rev 5788)
@@ -118,6 +118,8 @@
self.wallaby_broker = None
self.wallaby_refresh = 60
+ self.max_uri = 2048
+
def server_alive(self):
return self.server.server_alive()
@@ -179,6 +181,8 @@
def init(self, schema_version_check=True):
log.info("Initializing %s", self)
+ self.server.max_uri = self.max_uri
+
# Do this initialization as late as possible so that
# the application can set config values.
self.authenticator = CuminAuthenticator(self)
Modified: branches/statusquo/wooly/python/wooly/server.py
===================================================================
--- branches/statusquo/wooly/python/wooly/server.py 2013-11-05 14:04:07 UTC (rev 5787)
+++ branches/statusquo/wooly/python/wooly/server.py 2013-12-20 16:33:21 UTC (rev 5788)
@@ -42,6 +42,7 @@
self.client_sessions_by_id = dict()
self.client_session_expire_thread = ClientSessionExpireThread(self)
self.stop_requested = False
+ self.max_uri = 0
def server_alive(self):
return self.dispatch_thread.isAlive()
@@ -96,17 +97,29 @@
return then
def service_request(self, env, response):
- msg = "Request %s %s" % (env["REQUEST_METHOD"],
env["REQUEST_URI"])
- log.info(msg)
- page = self.get_page(env)
- if page and not self.stop_requested:
- status, headers, content = self.service_page_request(page, env)
- else:
- status = "404 Not Found"
+ url_len = len(env["REQUEST_URI"])
+ if self.max_uri and url_len > self.max_uri:
+ msg = "Request(%s) longer than max_uri(%s) %s %s ..." % \
+ (url_len, self.max_uri,
+ env["REQUEST_METHOD"], env["REQUEST_URI"][:64])
+
+ log.debug(msg)
+ status = "414 Request-URI too long"
headers = ()
content = ""
+ else:
+ msg = "Request %s %s" % (env["REQUEST_METHOD"],
env["REQUEST_URI"])
+ log.info(msg)
+ page = self.get_page(env)
+ if page and not self.stop_requested:
+ status, headers, content = self.service_page_request(page, env)
+ else:
+ status = "404 Not Found"
+ headers = ()
+ content = ""
+
response(status, headers)
log.info("Response %s", status)
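Review bot: The 414 branch logs the rejection with `log.debug(msg)`, so at the info level used for the normal request line the only trace of an oversized request is the later `Response 414 ...` entry, without the method, length or URI prefix. Rejections of this kind are worth seeing in production logs when investigating probing or misbehaving clients; I would use `log.info(msg)` or `log.warning(msg)` here. The length is taken from `env["REQUEST_URI"]` after the request has already been read into `env`, so this presumably limits what the application processes rather than what the HTTP layer accepts, and a front-end limit would still be needed for that. `service_request` continues past the end of the hunk.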