"Fossies" - the Fresh Open Source Software Archive  

Source code changes of the file "zxingorg/src/main/java/com/google/zxing/web/DoSFilter.java" between
zxing-zxing-3.4.0.tar.gz and zxing-zxing-3.4.1.tar.gz

About: ZXing ("zebra crossing") is a multi-format 1D/2D barcode image processing library implemented in Java, with ports to other languages.

DoSFilter.java  (zxing-zxing-3.4.0)	:	DoSFilter.java  (zxing-zxing-3.4.1)
skipping to change at line 48		skipping to change at line 48
*/		*/
public abstract class DoSFilter implements Filter {		public abstract class DoSFilter implements Filter {
private Timer timer;		private Timer timer;
private DoSTracker sourceAddrTracker;		private DoSTracker sourceAddrTracker;
@Override		@Override
public void init(FilterConfig filterConfig) {		public void init(FilterConfig filterConfig) {
int maxAccessPerTime = Integer.parseInt(filterConfig.getInitParameter("maxAc cessPerTime"));		int maxAccessPerTime = Integer.parseInt(filterConfig.getInitParameter("maxAc cessPerTime"));
Preconditions.checkArgument(maxAccessPerTime > 0);		Preconditions.checkArgument(maxAccessPerTime > 0);
int accessTimeSec = Integer.parseInt(filterConfig.getInitParameter("accessTi meSec"));		int accessTimeSec = Integer.parseInt(filterConfig.getInitParameter("accessTi meSec"));
Preconditions.checkArgument(accessTimeSec > 0);		Preconditions.checkArgument(accessTimeSec > 0);
long accessTimeMS = TimeUnit.MILLISECONDS.convert(accessTimeSec, TimeUnit.SE CONDS);		long accessTimeMS = TimeUnit.MILLISECONDS.convert(accessTimeSec, TimeUnit.SE CONDS);
int maxEntries = Integer.parseInt(filterConfig.getInitParameter("maxEntries"
));		String maxEntriesValue = filterConfig.getInitParameter("maxEntries");
Preconditions.checkArgument(maxEntries > 0);		int maxEntries = Integer.MAX_VALUE;
		if (maxEntriesValue != null) {
		maxEntries = Integer.parseInt(maxEntriesValue);
		Preconditions.checkArgument(maxEntries > 0);
		}
		String maxLoadValue = filterConfig.getInitParameter("maxLoad");
		Double maxLoad = null;
		if (maxLoadValue != null) {
		maxLoad = Double.valueOf(maxLoadValue);
		Preconditions.checkArgument(maxLoad > 0.0);
		}
String name = getClass().getSimpleName();		String name = getClass().getSimpleName();
timer = new Timer(name);		timer = new Timer(name);
sourceAddrTracker = new DoSTracker(timer, name, maxAccessPerTime, accessTime MS, maxEntries);		sourceAddrTracker = new DoSTracker(timer, name, maxAccessPerTime, accessTime MS, maxEntries, maxLoad);
}		}
@Override		@Override
public void doFilter(ServletRequest request,		public void doFilter(ServletRequest request,
ServletResponse response,		ServletResponse response,
FilterChain chain) throws IOException, ServletException {		FilterChain chain) throws IOException, ServletException {
if (isBanned((HttpServletRequest) request)) {		if (isBanned((HttpServletRequest) request)) {
HttpServletResponse servletResponse = (HttpServletResponse) response;		HttpServletResponse servletResponse = (HttpServletResponse) response;
// Send very short response as requests may be very frequent		// Send very short response as requests may be very frequent
servletResponse.setStatus(HttpServletResponse.SC_FORBIDDEN);		servletResponse.setStatus(429); // 429 = Too Many Requests from RFC 6585
servletResponse.getWriter().write("Forbidden");		servletResponse.getWriter().write("Forbidden");
} else {		} else {
chain.doFilter(request, response);		chain.doFilter(request, response);
}		}
}		}
private boolean isBanned(HttpServletRequest request) {		private boolean isBanned(HttpServletRequest request) {
String remoteHost = request.getHeader("x-forwarded-for");		String remoteHost = request.getHeader("x-forwarded-for");
if (remoteHost != null) {		if (remoteHost != null) {
int comma = remoteHost.indexOf(',');		int comma = remoteHost.indexOf(',');
End of changes. 4 change blocks.
5 lines changed or deleted		17 lines changed or added

---