On 5/2/05, George Sexton <[EMAIL PROTECTED]> wrote: > I have completed the coding in o.a.t.u.http.mapper.Mapper to implement > wild-card aliases. > > If a request for a host is made, and that host is not found, the code tests > the host and aliases list and looks for wild-cards. > > So, a host name of www.mydomain.com would match an alias of *.mydomain.com. > This additional level of testing is only done if the the presented host name > is not found in the standard host list. Once a host is found via wild-card, > it is added to the standard host list. Subsequent requests for that host > name will find it via the standard search mechanism. >
Is there any provision to things from the host list or to limit its size? It seems the behavior of adding wild-card matches to the host list can be easily exploited in a denial of service attack by simply requesting a lot of different host names matching some wild-card until the host list consume all available memory. Jin Yu --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]