Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit 7fc43a1

Browse files
author
zhourenjian
committed
Fixed bug that pipe closed by server side will be kept as alive on client-side (browser)
Add request information for SimpleRPC/Pipe Add hash detecting for Simple Pipe to avoid duplicate HTTP request attack
1 parent 62df4f8 commit 7fc43a1

File tree

7 files changed

+168
-3
lines changed

7 files changed

+168
-3
lines changed

sources/net.sf.j2s.ajax/ajaxpipe/net/sf/j2s/ajax/CompoundPipeSession.java

Lines changed: 4 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -40,7 +40,7 @@ public void pipeCreated() {
4040
updateStatus(true);
4141
}
4242
}
43-
43+
4444
@Override
4545
public boolean pipeDestroy() {
4646
if (destroyed) {
@@ -155,6 +155,9 @@ public boolean deal(PipeSessionClosedEvent evt) {
155155
pipe.pipeDestroy();
156156
SimplePipeHelper.removePipe(pipeKey);
157157
}
158+
159+
this.pipeClosed();
160+
158161
return true;
159162
}
160163

sources/net.sf.j2s.ajax/ajaxpipe/net/sf/j2s/ajax/SimplePipeHelper.java

Lines changed: 15 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -73,7 +73,7 @@ public static void registerPipe(String key, SimplePipeRunnable pipe) {
7373
* Server side
7474
*/
7575
@J2SIgnore
76-
static String registerPipe(SimplePipeRunnable pipe) {
76+
synchronized static String registerPipe(SimplePipeRunnable pipe) {
7777
if (pipe.pipeKey != null) {
7878
System.out.println("ERROR!!! pipeKey should be null here! " + pipe.pipeKey);
7979
}
@@ -82,7 +82,6 @@ static String registerPipe(SimplePipeRunnable pipe) {
8282
pipes = Collections.synchronizedMap(new HashMap<String, SimplePipeRunnable>(50));
8383
}
8484

85-
// TODO: Synchronize pipe key
8685
String key = nextPipeKey();
8786
while (pipes.get(key) != null) {
8887
key = nextPipeKey();;
@@ -153,6 +152,20 @@ public static SimplePipeRunnable getPipe(String key) {
153152
if (pipes == null || key == null) return null;
154153
return pipes.get(key);
155154
}
155+
156+
// Use this method to avoid HTTP repeat attacks
157+
@J2SIgnore
158+
public static boolean isPipeHashOK(String key, long hash) {
159+
SimplePipeRunnable p = getPipe(key);
160+
if (p == null) {
161+
return false;
162+
}
163+
if (p.lastHash >= hash) {
164+
return false;
165+
}
166+
p.lastHash = hash;
167+
return true;
168+
}
156169

157170
@J2SIgnore
158171
public static List<SimpleSerializable> getPipeDataList(String key) {

sources/net.sf.j2s.ajax/ajaxpipe/net/sf/j2s/ajax/SimplePipeRunnable.java

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -49,6 +49,9 @@ public abstract class SimplePipeRunnable extends SimpleRPCRunnable {
4949
@J2SIgnore
5050
long lastLiveDetected;
5151

52+
@J2SIgnore
53+
long lastHash;
54+
5255
@J2SIgnore
5356
public void setPipeHelper(SimplePipeHelper.IPipeThrough helper) {
5457
pipeManaged = true;

sources/net.sf.j2s.ajax/ajaxrpc/net/sf/j2s/ajax/ISimpleGeoLocation.java

Lines changed: 37 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,37 @@
1+
/*******************************************************************************
2+
* Copyright (c) 2010 java2script.org and others.
3+
* All rights reserved. This program and the accompanying materials
4+
* are made available under the terms of the Eclipse Public License v1.0
5+
* which accompanies this distribution, and is available at
6+
* http://www.eclipse.org/legal/epl-v10.html
7+
*
8+
* Contributors:
9+
* Zhou Renjian - initial API and implementation
10+
*******************************************************************************/
11+
12+
package net.sf.j2s.ajax;
13+
14+
15+
/**
16+
* Providing geo location information for given Simple RPC or Simple Pipe.
17+
* For server side only.
18+
*
19+
* @author zhou renjian
20+
*
21+
* 2010-04-18
22+
*/
23+
public interface ISimpleGeoLocation {
24+
25+
public double getLatitude();
26+
27+
public double getLongtitude();
28+
29+
public double getAltitude();
30+
31+
public String getLocation();
32+
33+
public String getCity();
34+
35+
public String getCountryOrRegion();
36+
37+
}

sources/net.sf.j2s.ajax/ajaxrpc/net/sf/j2s/ajax/ISimpleGeoLocationBinding.java

Lines changed: 37 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,37 @@
1+
/*******************************************************************************
2+
* Copyright (c) 2010 java2script.org and others.
3+
* All rights reserved. This program and the accompanying materials
4+
* are made available under the terms of the Eclipse Public License v1.0
5+
* which accompanies this distribution, and is available at
6+
* http://www.eclipse.org/legal/epl-v10.html
7+
*
8+
* Contributors:
9+
* Zhou Renjian - initial API and implementation
10+
*******************************************************************************/
11+
12+
package net.sf.j2s.ajax;
13+
14+
15+
/**
16+
* Providing geo location information for given Simple RPC or Simple Pipe.
17+
* For server side only.
18+
*
19+
* @author zhou renjian
20+
*
21+
* 2010-04-18
22+
*/
23+
public interface ISimpleGeoLocationBinding {
24+
25+
public void setLatitude(double latitude);
26+
27+
public void setLongtitude(double longtitude);
28+
29+
public void setAltitude(double altitude);
30+
31+
public void setLocation(String location);
32+
33+
public void setCity(String city);
34+
35+
public void setCountryOrRegion(String region);
36+
37+
}

sources/net.sf.j2s.ajax/ajaxrpc/net/sf/j2s/ajax/ISimpleRequestInfo.java

Lines changed: 36 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,36 @@
1+
/*******************************************************************************
2+
* Copyright (c) 2010 java2script.org and others.
3+
* All rights reserved. This program and the accompanying materials
4+
* are made available under the terms of the Eclipse Public License v1.0
5+
* which accompanies this distribution, and is available at
6+
* http://www.eclipse.org/legal/epl-v10.html
7+
*
8+
* Contributors:
9+
* Zhou Renjian - initial API and implementation
10+
*******************************************************************************/
11+
12+
package net.sf.j2s.ajax;
13+
14+
/**
15+
* Providing request information for given Simple RPC or Simple Pipe.
16+
* For server side only.
17+
*
18+
* @author zhou renjian
19+
*
20+
* 2010-04-18
21+
*/
22+
public interface ISimpleRequestInfo {
23+
24+
public String getRemoteUserAgent();
25+
26+
public String getReferer();
27+
28+
public String getRequestURL();
29+
30+
public String getRequestHost();
31+
32+
public String getRemoteIP();
33+
34+
public String[] getLanguages();
35+
36+
}

sources/net.sf.j2s.ajax/ajaxrpc/net/sf/j2s/ajax/ISimpleRequestInfoBinding.java

Lines changed: 36 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,36 @@
1+
/*******************************************************************************
2+
* Copyright (c) 2010 java2script.org and others.
3+
* All rights reserved. This program and the accompanying materials
4+
* are made available under the terms of the Eclipse Public License v1.0
5+
* which accompanies this distribution, and is available at
6+
* http://www.eclipse.org/legal/epl-v10.html
7+
*
8+
* Contributors:
9+
* Zhou Renjian - initial API and implementation
10+
*******************************************************************************/
11+
12+
package net.sf.j2s.ajax;
13+
14+
/**
15+
* Providing request information for given Simple RPC or Simple Pipe.
16+
* For server side only.
17+
*
18+
* @author zhou renjian
19+
*
20+
* 2010-04-18
21+
*/
22+
public interface ISimpleRequestInfoBinding {
23+
24+
public void setRemoteUserAgent(String userAgent);
25+
26+
public void setReferer(String referer);
27+
28+
public void setRequestURL(String url);
29+
30+
public void setRequestHost(String host);
31+
32+
public void setRemoteIP(String ip);
33+
34+
public void setLanguages(String[] language);
35+
36+
}

0 commit comments

Comments
 (0)