Author: tmckay Date: 2013-12-20 16:33:21 +0000 (Fri, 20 Dec 2013) New Revision: 5788
Modified: branches/statusquo/cumin/bin/cumin-web branches/statusquo/cumin/python/cumin/config.py branches/statusquo/cumin/python/cumin/main.py branches/statusquo/wooly/python/wooly/server.py Log: Allow configurable limit on uri length BZ983134
Modified: branches/statusquo/cumin/bin/cumin-web =================================================================== --- branches/statusquo/cumin/bin/cumin-web 2013-11-05 14:04:07 UTC (rev 5787) +++ branches/statusquo/cumin/bin/cumin-web 2013-12-20 16:33:21 UTC (rev 5788) @@ -219,6 +219,9 @@ set_ldap_configs(cumin, values) set_kerberos_configs(cumin, values)
+ # Set max_uri to 0 for unlimited... + cumin.max_uri = values.max_uri + # Not used right now #cumin.auth_create_ondemand = values.auth_create_ondemand #cumin.auth_proxy = values.auth_proxy
Modified: branches/statusquo/cumin/python/cumin/config.py =================================================================== --- branches/statusquo/cumin/python/cumin/config.py 2013-11-05 14:04:07 UTC (rev 5787) +++ branches/statusquo/cumin/python/cumin/config.py 2013-12-20 16:33:21 UTC (rev 5788) @@ -275,6 +275,11 @@ param = ConfigParameter(self, "force-html-doctype", bool) param.default = False
+ # Undocumented. Server generates 414 errors if uri length + # is longer than this value. 0 means unlimited. + param = ConfigParameter(self, "max-uri", int) + param.default = 2048 + class CuminDataConfigSection(BrokeredConfigSection): def __init__(self, config, name, strict_section=False): super(CuminDataConfigSection, self).__init__(config, name,
Modified: branches/statusquo/cumin/python/cumin/main.py =================================================================== --- branches/statusquo/cumin/python/cumin/main.py 2013-11-05 14:04:07 UTC (rev 5787) +++ branches/statusquo/cumin/python/cumin/main.py 2013-12-20 16:33:21 UTC (rev 5788) @@ -118,6 +118,8 @@ self.wallaby_broker = None self.wallaby_refresh = 60
+ self.max_uri = 2048 + def server_alive(self): return self.server.server_alive()
@@ -179,6 +181,8 @@ def init(self, schema_version_check=True): log.info("Initializing %s", self)
+ self.server.max_uri = self.max_uri + # Do this initialization as late as possible so that # the application can set config values. self.authenticator = CuminAuthenticator(self)
Modified: branches/statusquo/wooly/python/wooly/server.py =================================================================== --- branches/statusquo/wooly/python/wooly/server.py 2013-11-05 14:04:07 UTC (rev 5787) +++ branches/statusquo/wooly/python/wooly/server.py 2013-12-20 16:33:21 UTC (rev 5788) @@ -42,6 +42,7 @@ self.client_sessions_by_id = dict() self.client_session_expire_thread = ClientSessionExpireThread(self) self.stop_requested = False + self.max_uri = 0
def server_alive(self): return self.dispatch_thread.isAlive() @@ -96,17 +97,29 @@ return then
def service_request(self, env, response): - msg = "Request %s %s" % (env["REQUEST_METHOD"], env["REQUEST_URI"]) - log.info(msg) - page = self.get_page(env)
- if page and not self.stop_requested: - status, headers, content = self.service_page_request(page, env) - else: - status = "404 Not Found" + url_len = len(env["REQUEST_URI"]) + if self.max_uri and url_len > self.max_uri: + msg = "Request(%s) longer than max_uri(%s) %s %s ..." % \ + (url_len, self.max_uri, + env["REQUEST_METHOD"], env["REQUEST_URI"][:64]) + + log.debug(msg) + status = "414 Request-URI too long" headers = () content = "" + else: + msg = "Request %s %s" % (env["REQUEST_METHOD"], env["REQUEST_URI"]) + log.info(msg) + page = self.get_page(env)
+ if page and not self.stop_requested: + status, headers, content = self.service_page_request(page, env) + else: + status = "404 Not Found" + headers = () + content = "" + response(status, headers)
log.info("Response %s", status)
cumin-developers@lists.fedorahosted.org