From 985b16274f46374feb315b54605a598d27caa3d9 Mon Sep 17 00:00:00 2001 From: Simon Rettberg Date: Wed, 9 Aug 2017 17:25:42 +0200 Subject: Pac: Force caching of at least one hour, ignore scripts > 20kb --- .../java/com/btr/proxy/selector/pac/PacProxySelector.java | 1 - .../java/com/btr/proxy/selector/pac/UrlPacScriptSource.java | 13 +++++++++++++ 2 files changed, 13 insertions(+), 1 deletion(-) diff --git a/src/main/java/com/btr/proxy/selector/pac/PacProxySelector.java b/src/main/java/com/btr/proxy/selector/pac/PacProxySelector.java index a8441d6..d1c9261 100644 --- a/src/main/java/com/btr/proxy/selector/pac/PacProxySelector.java +++ b/src/main/java/com/btr/proxy/selector/pac/PacProxySelector.java @@ -9,7 +9,6 @@ import java.net.URI; import java.util.ArrayList; import java.util.List; -import com.btr.proxy.selector.direct.NoProxySelector; import com.btr.proxy.util.Logger; import com.btr.proxy.util.Logger.LogLevel; import com.btr.proxy.util.MiscUtil; diff --git a/src/main/java/com/btr/proxy/selector/pac/UrlPacScriptSource.java b/src/main/java/com/btr/proxy/selector/pac/UrlPacScriptSource.java index 085d056..5732033 100644 --- a/src/main/java/com/btr/proxy/selector/pac/UrlPacScriptSource.java +++ b/src/main/java/com/btr/proxy/selector/pac/UrlPacScriptSource.java @@ -29,6 +29,7 @@ public class UrlPacScriptSource implements PacScriptSource { private static final int DEFAULT_READ_TIMEOUT = 2 * 1000; // seconds public static final String OVERRIDE_CONNECT_TIMEOUT = "com.btr.proxy.url.connectTimeout"; public static final String OVERRIDE_READ_TIMEOUT = "com.btr.proxy.url.readTimeout"; + private static final long MAX_SCRIPT_SIZE = 20 * 1000; // 20kb ought to be enough for everybody private final String scriptUrl; private String scriptContent; @@ -60,6 +61,7 @@ public class UrlPacScriptSource implements PacScriptSource { } else { this.scriptContent = downloadPacContent(this.scriptUrl); } + Logger.log(getClass(), LogLevel.TRACE, "PAC script:\n{0}", this.scriptContent); } catch (IOException e) { Logger.log(getClass(), LogLevel.ERROR, "Loading script failed from: {0} with error {1}", this.scriptUrl, e); this.scriptContent = ""; @@ -122,8 +124,16 @@ public class UrlPacScriptSource implements PacScriptSource { if (con.getResponseCode() != 200) { throw new IOException("Server returned: "+con.getResponseCode()+" "+con.getResponseMessage()); } + if (con.getContentLengthLong() > MAX_SCRIPT_SIZE) { + throw new IOException("Script too large: " + con.getContentLengthLong() + " bytes"); + } // Read expire date. this.expireAtMillis = con.getExpiration(); + long now = System.currentTimeMillis(); + if (this.expireAtMillis != 0 && this.expireAtMillis < now + 3600000) { + // Cache at least one hour + this.expireAtMillis = now + 3600000; + } BufferedReader r = getReader(con); String result = readAllContent(r); @@ -158,6 +168,9 @@ public class UrlPacScriptSource implements PacScriptSource { String line; while ((line = r.readLine()) != null) { result.append(line).append("\n"); + if (result.length() > MAX_SCRIPT_SIZE) { + throw new IOException("Script too large, exceeds " + MAX_SCRIPT_SIZE + " bytes."); + } } return result.toString(); } -- cgit v1.2.3-55-g7522