[Seaside] Combating a possible DoS attack.
nevin at bountifulbaby.com
Fri Jan 11 20:36:07 UTC 2008
The following code, if inserted into the initial Seaside processing, I
would think *should* help guard against a DoS attack. In this example,
'MemCheckCounter' is a class variable. I thought I would post this to
see what comments (if any) it generates.
"Every 'freq' requests, check and see if the image has grown bigger
than 'tooBig' number of bytes, and if so, clear all of the Seaside
handlers to release memory, and then garbage collection. Don't make
the check any more often than one out of every 'freq' times, just to be
more efficient. If we don't do this, and if we get a DoS attack, memory
will otherwise grow until the image hangs."
| tooBig freq |
freq _ 25.
tooBig _ 190000000.
ifTrue: [MemCheckCounter _ 0].
MemCheckCounter _ MemCheckCounter + 1.
MemCheckCounter > freq
ifTrue: [MemCheckCounter _ 1.
(Smalltalk getVMParameters at: 3)
ifTrue: [WADispatcher default entryPoints
do: [:ea | (ea respondsTo: #clearHandlers)
ifTrue: [ea clearHandlers]].
More information about the seaside