packages/jetty
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
jetty/CVE-2024-6762.patch
starlet-dx 7cf09c0a75 Fix CVE-2024-6762 
(cherry picked from commit 67f568f26c313f06108f65fa54970dcd4d32fabb)
2024-11-05 22:00:23 +08:00

61 lines
2.5 KiB
Diff
Raw Permalink Blame History

From c9fb33ab85959921ff3183311587af02772dda89 Mon Sep 17 00:00:00 2001
From: Lachlan Roberts <lachlan@webtide.com>
Date: Mon, 1 May 2023 14:40:35 +1000
Subject: [PATCH 1/2] deprecate PushSessionCacheFilter
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
---
.../java/org/eclipse/jetty/servlets/PushSessionCacheFilter.java | 1 +
1 file changed, 1 insertion(+)
diff --git a/jetty-servlets/src/main/java/org/eclipse/jetty/servlets/PushSessionCacheFilter.java b/jetty-servlets/src/main/java/org/eclipse/jetty/servlets/PushSessionCacheFilter.java
index 4fa0ea1028cb..9950dce98bda 100644
--- a/jetty-servlets/src/main/java/org/eclipse/jetty/servlets/PushSessionCacheFilter.java
+++ b/jetty-servlets/src/main/java/org/eclipse/jetty/servlets/PushSessionCacheFilter.java
@@ -41,6 +41,7 @@
import org.eclipse.jetty.util.log.Log;
import org.eclipse.jetty.util.log.Logger;
+@Deprecated
public class PushSessionCacheFilter implements Filter
{
private static final String TARGET_ATTR = "PushCacheFilter.target";
From 2588cedddca989b6b96e6954ae6e8fc8f3e1c487 Mon Sep 17 00:00:00 2001
From: Lachlan Roberts <lachlan@webtide.com>
Date: Tue, 2 May 2023 12:02:12 +1000
Subject: [PATCH 2/2] update javadoc and add log warning message for
PushSessionCacheFilter
Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
---
.../eclipse/jetty/servlets/PushSessionCacheFilter.java | 8 ++++++++
1 file changed, 8 insertions(+)
diff --git a/jetty-servlets/src/main/java/org/eclipse/jetty/servlets/PushSessionCacheFilter.java b/jetty-servlets/src/main/java/org/eclipse/jetty/servlets/PushSessionCacheFilter.java
index 9950dce98bda..81b85cb2b85e 100644
--- a/jetty-servlets/src/main/java/org/eclipse/jetty/servlets/PushSessionCacheFilter.java
+++ b/jetty-servlets/src/main/java/org/eclipse/jetty/servlets/PushSessionCacheFilter.java
@@ -41,6 +41,9 @@
import org.eclipse.jetty.util.log.Log;
import org.eclipse.jetty.util.log.Logger;
+/**
+ * @deprecated no replacement for this deprecated http feature
+ */
@Deprecated
public class PushSessionCacheFilter implements Filter
{
@@ -50,6 +53,11 @@ public class PushSessionCacheFilter implements Filter
private final ConcurrentMap<String, Target> _cache = new ConcurrentHashMap<>();
private long _associateDelay = 5000L;
+ public PushSessionCacheFilter()
+ {
+ LOG.warn(PushSessionCacheFilter.class.getSimpleName() + " is an example class not suitable for production.");
+ }
+
@Override
public void init(FilterConfig config) throws ServletException
{
Reference in New Issue View Git Blame Copy Permalink