Hello Mark
Thanks for the info.
- Ganesh
On Fri, Dec 23, 2011 at 3:30 PM, Mark Thomas wrote:
> On 23/12/2011 19:45, Ganesh Dhakshinamurthy wrote:
> >>
> >> Hi
> >> I recently came across an issue reported regarding the LRU
> >> cache implementation in CsrfPreventionFilter. It was reported that
On 23/12/2011 19:45, Ganesh Dhakshinamurthy wrote:
>>
>> Hi
>> I recently came across an issue reported regarding the LRU
>> cache implementation in CsrfPreventionFilter. It was reported that FIFO was
>> implemented instead of LRU. We are facing an issue in our application due
>> this, [Nonce token
>
> Hi
> I recently came across an issue reported regarding the LRU
> cache implementation in CsrfPreventionFilter. It was reported that FIFO was
> implemented instead of LRU. We are facing an issue in our application due
> this, [Nonce tokens getting rejected]. I searched in the bugs database to
>
On Fri, Nov 4, 2011 at 20:23, Mark Thomas wrote:
[...]
>
> I think the thing to do here is to work out what the 'best' solution is
> and fix the docs/code accordingly. I think LRU is the way to go in which
> case the current code needs fixing.
>
I see more arguments for the LRU case: when a CSRF
On 04/11/2011 13:14, Pete Gould wrote:
> Hi,
>
> I have recently been using
> the org.apache.catalina.filters.CsrfPreventionFilter, and I notice that the
> documentation for setNonceCacheSize states:
>
> "Sets the number of previously issued nonces that will be cached on a
> LRU basis to support
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Pete,
On 11/4/11 1:06 PM, Pete Gould wrote:
> Okay, great. I guess that I should raise a bug for this then.
>
> The reason that I think that add() needs to change is that it used
> to be:
>
> cache.put(key, null);
>
> and therefore cache.contains()
Hi,
Okay, great. I guess that I should raise a bug for this then.
The reason that I think that add() needs to change is that it used to be:
cache.put(key, null);
and therefore cache.contains() would return null as it would have to change
to use get(). This is because we can no longer use cont
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Pete,
On 11/4/11 9:14 AM, Pete Gould wrote:
> I have recently been using the
> org.apache.catalina.filters.CsrfPreventionFilter, and I notice that
> the documentation for setNonceCacheSize states:
>
> "Sets the number of previously issued nonces that
Hi,
I have recently been using
the org.apache.catalina.filters.CsrfPreventionFilter, and I notice that the
documentation for setNonceCacheSize states:
"Sets the number of previously issued nonces that will be cached on a
LRU basis to support parallel requests..."
However, looking at the implemen
