[Seaside] Combating a possible DoS attack.

Nevin Pratt nevin at bountifulbaby.com
Fri Jan 11 20:36:07 UTC 2008

The following code, if inserted into the initial Seaside processing, I 
would think *should* help guard against a DoS attack.  In this example, 
'MemCheckCounter' is a class variable.  I thought I would post this to 
see what comments (if any) it generates.



    "Every 'freq' requests, check and see if the image has grown bigger  
    than 'tooBig' number of bytes, and if so, clear all of the Seaside  
    handlers to release memory, and then garbage collection. Don't make  
    the check any more often than one out of every 'freq' times, just to be
    more efficient. If we don't do this, and if we get a DoS attack, memory
    will otherwise grow until the image hangs."
    | tooBig freq |
    freq _ 25.
    tooBig _ 190000000.
    MemCheckCounter isNil
        ifTrue: [MemCheckCounter _ 0].
    MemCheckCounter _ MemCheckCounter + 1.
    MemCheckCounter > freq
        ifTrue: [MemCheckCounter _ 1.
            (Smalltalk getVMParameters at: 3)
                    > tooBig
                ifTrue: [WADispatcher default entryPoints
                        do: [:ea | (ea respondsTo: #clearHandlers)
                                ifTrue: [ea clearHandlers]].
                    Smalltalk garbageCollect]]

More information about the seaside mailing list