#3731: Update cookie handling with vanilla limits and don't allow unrequested cookies

This commit is contained in:
Outfluencer 2024-08-24 12:27:05 +02:00 committed by md_5
parent 534148763f
commit e1d4b6adc7
No known key found for this signature in database
GPG Key ID: E8E901AC7C617C11
2 changed files with 5 additions and 1 deletions

View File

@ -23,7 +23,7 @@ public class CookieResponse extends DefinedPacket
public void read(ByteBuf buf, ProtocolConstants.Direction direction, int protocolVersion) public void read(ByteBuf buf, ProtocolConstants.Direction direction, int protocolVersion)
{ {
cookie = readString( buf ); cookie = readString( buf );
data = readNullable( DefinedPacket::readArray, buf ); data = readNullable( read -> DefinedPacket.readArray( read, 5120 ), buf );
} }
@Override @Override

View File

@ -716,6 +716,10 @@ public class InitialHandler extends PacketHandler implements PendingConnection
throw CancelSendSignal.INSTANCE; throw CancelSendSignal.INSTANCE;
} }
// if there is no userCon we can't have a connection to a backend server that could have requested this cookie
// which means that this cookie is invalid as the proxy also has not requested it
Preconditions.checkState( userCon != null, "not requested cookie received" );
} }
@Override @Override