Mercurial > urweb
annotate tests/cookieSec.ur @ 2071:739172204214
Introduce recv timeout controlled by '-T' option in http.c
This should prevent a DDoS attack where attacker and keeps the connection open
but send no data.
author | Sergey Mironov <grrwlf@gmail.com> |
---|---|
date | Tue, 02 Sep 2014 17:42:10 +0000 |
parents | f2a2be93331c |
children |
rev | line source |
---|---|
adamc@734 | 1 table t : {Id : int} |
adamc@734 | 2 |
adamc@734 | 3 cookie c : int |
adamc@734 | 4 |
adamc@734 | 5 fun setter r = |
adamc@734 | 6 setCookie c (readError r.Id); |
adamc@734 | 7 return <xml>Done</xml> |
adamc@734 | 8 |
adamc@734 | 9 fun writer () = |
adamc@734 | 10 ido <- getCookie c; |
adamc@734 | 11 case ido of |
adamc@734 | 12 None => error <xml>No cookie</xml> |
adamc@734 | 13 | Some id => dml (INSERT INTO t (Id) VALUES ({[id]})); |
adamc@734 | 14 return <xml>Done</xml> |
adamc@734 | 15 |
adamc@734 | 16 fun main () = return <xml><body> |
adamc@734 | 17 <form> |
adamc@734 | 18 <textbox{#Id}/> <submit value="Get cookie" action={setter}/> |
adamc@734 | 19 </form> |
adamc@734 | 20 |
adamc@734 | 21 <form> |
adamc@734 | 22 <submit value="Write to database" action={writer}/> |
adamc@734 | 23 </form> |
adamc@734 | 24 </body></xml> |