This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git
commit 258162cf4b8209060e8d85d2e289feeaad4c726a
Author: Mark Thomas <ma...@apache.org>
AuthorDate: Tue May 10 16:13:31 2022 +0100
Clean up - no functional change
---
.../catalina/filters/CsrfPreventionFilter.java | 21 ++++++++++-----------
1 file changed, 10 insertions(+), 11 deletions(-)
diff --git a/java/org/apache/catalina/filters/CsrfPreventionFilter.java
b/java/org/apache/catalina/filters/CsrfPreventionFilter.java
index 569f583617..fce6a99d96 100644
--- a/java/org/apache/catalina/filters/CsrfPreventionFilter.java
+++ b/java/org/apache/catalina/filters/CsrfPreventionFilter.java
@@ -123,11 +123,10 @@ public class CsrfPreventionFilter extends
CsrfPreventionFilterBase {
NonceCache<String> nonceCache = (session == null) ? null :
getNonceCache(req, session);
if (!skipNonceCheck(req)) {
- String previousNonce =
- req.getParameter(nonceRequestParameterName);
+ String previousNonce =
req.getParameter(nonceRequestParameterName);
- if(previousNonce == null) {
- if(log.isDebugEnabled()) {
+ if (previousNonce == null) {
+ if (log.isDebugEnabled()) {
log.debug("Rejecting request for " +
getRequestedPath(req)
+ ", session "
+ (null == session ? "(none)" :
session.getId())
@@ -136,8 +135,8 @@ public class CsrfPreventionFilter extends
CsrfPreventionFilterBase {
res.sendError(getDenyStatus());
return;
- } else if(nonceCache == null) {
- if(log.isDebugEnabled()) {
+ } else if (nonceCache == null) {
+ if (log.isDebugEnabled()) {
log.debug("Rejecting request for " +
getRequestedPath(req)
+ ", session "
+ (null == session ? "(none)" :
session.getId())
@@ -146,8 +145,8 @@ public class CsrfPreventionFilter extends
CsrfPreventionFilterBase {
res.sendError(getDenyStatus());
return;
- } else if(!nonceCache.contains(previousNonce)) {
- if(log.isDebugEnabled()) {
+ } else if (!nonceCache.contains(previousNonce)) {
+ if (log.isDebugEnabled()) {
log.debug("Rejecting request for " +
getRequestedPath(req)
+ ", session "
+ (null == session ? "(none)" :
session.getId())
@@ -157,7 +156,7 @@ public class CsrfPreventionFilter extends
CsrfPreventionFilterBase {
res.sendError(getDenyStatus());
return;
}
- if(log.isTraceEnabled()) {
+ if (log.isTraceEnabled()) {
log.trace("Allowing request to " + getRequestedPath(req)
+ " with valid CSRF nonce " + previousNonce);
}
@@ -165,12 +164,12 @@ public class CsrfPreventionFilter extends
CsrfPreventionFilterBase {
if (!skipNonceGeneration(req)) {
if (nonceCache == null) {
- if(log.isDebugEnabled()) {
+ if (log.isDebugEnabled()) {
log.debug("Creating new CSRF nonce cache with size=" +
nonceCacheSize + " for session " + (null == session ? "(will create)" :
session.getId()));
}
if (session == null) {
- if(log.isDebugEnabled()) {
+ if (log.isDebugEnabled()) {
log.debug("Creating new session to store CSRF
nonce cache");
}
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
