Mercurial > urweb
view tests/cookieSec.ur @ 2071:739172204214
Introduce recv timeout controlled by '-T' option in http.c
This should prevent a DDoS attack where attacker and keeps the connection open
but send no data.
author | Sergey Mironov <grrwlf@gmail.com> |
---|---|
date | Tue, 02 Sep 2014 17:42:10 +0000 |
parents | f2a2be93331c |
children |
line wrap: on
line source
table t : {Id : int} cookie c : int fun setter r = setCookie c (readError r.Id); return <xml>Done</xml> fun writer () = ido <- getCookie c; case ido of None => error <xml>No cookie</xml> | Some id => dml (INSERT INTO t (Id) VALUES ({[id]})); return <xml>Done</xml> fun main () = return <xml><body> <form> <textbox{#Id}/> <submit value="Get cookie" action={setter}/> </form> <form> <submit value="Write to database" action={writer}/> </form> </body></xml>