Jan Riehn created WICKET-4841:
---------------------------------
Summary: Frequent faked AJAX requests prevent monitoring
Key: WICKET-4841
URL: https://issues.apache.org/jira/browse/WICKET-4841
Project: Wicket
Issue Type: Bug
Components: wicket
Affects Versions: 1.5.8
Reporter: Jan Riehn
Hello,
currently we've got a problem with faked ajax requests. these ajax
requests misses some parameters, but the wicket-ajax header flag is set.
So ServletWebRequest throws an exception:
java.lang.IllegalStateException: Current ajax request is missing the base url
header or parameter
at org.apache.wicket.util.lang.Checks.notNull(Checks.java:38)
at
org.apache.wicket.protocol.http.servlet.ServletWebRequest.getClientUrl(ServletWebRequest.java:171)
at org.apache.wicket.request.UrlRenderer.<init>(UrlRenderer.java:59)
These faked requests are so massive, that our application is no longer
monitorable. Our workaround rejects these requests via apache config.
Instead of logging an exception, in deployment mode wicket should log a warning
a reject the request
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
