(tomcat) branch 11.0.x updated: Add a limit of 10 attributes per session to the session example

markt Mon, 02 Dec 2024 10:10:39 -0800

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 11.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git



The following commit(s) were added to refs/heads/11.0.x by this push:
     new b1f65728b3 Add a limit of 10 attributes per session to the session 
example
b1f65728b3 is described below

commit b1f65728b37d7d227a0764344473b7e261a13408
Author: Mark Thomas <ma...@apache.org>
AuthorDate: Mon Dec 2 18:09:44 2024 +0000

    Add a limit of 10 attributes per session to the session example
---
 webapps/docs/changelog.xml                         |  4 +
 .../examples/WEB-INF/classes/SessionExample.java   | 94 ++++++++++++++--------
 2 files changed, 64 insertions(+), 34 deletions(-)

diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 5a5bac60e5..36a52ed5fb 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -264,6 +264,10 @@
         Examples. Add the ability to delete session attributes in the servlet
         session example. (markt)
       </add>
+      <add>
+        Examples. Add a hard coded limit of 10 attributes per session for the
+        servlet session example. (markt)
+      </add>
     </changelog>
   </subsection>
   <subsection name = "Other">
diff --git a/webapps/examples/WEB-INF/classes/SessionExample.java 
b/webapps/examples/WEB-INF/classes/SessionExample.java
index 76b8fba15b..14d81fea5c 100644
--- a/webapps/examples/WEB-INF/classes/SessionExample.java
+++ b/webapps/examples/WEB-INF/classes/SessionExample.java
@@ -41,6 +41,9 @@ public class SessionExample extends HttpServlet {
 
     private static final long serialVersionUID = 1L;
 
+    private static final int SESSION_ATTRIBUTE_COUNT_LIMIT = 10;
+
+
     @Override
     public void doGet(HttpServletRequest request, HttpServletResponse 
response) throws IOException, ServletException {
         ResourceBundle rb = ResourceBundle.getBundle("LocalStrings", 
request.getLocale());
@@ -76,15 +79,34 @@ public class SessionExample extends HttpServlet {
         out.println(rb.getString("sessions.lastaccessed") + " ");
         out.println(new Date(session.getLastAccessedTime()));
 
+        // Count the existing attributes
+        int sessionAttributeCount = 0;
+        Enumeration<String> names = session.getAttributeNames();
+        while (names.hasMoreElements()) {
+            names.nextElement();
+            sessionAttributeCount++;
+        }
+
         String dataName = request.getParameter("dataname");
         String dataValue = request.getParameter("datavalue");
         if (dataName != null) {
-            session.setAttribute(dataName, dataValue);
+            if (dataValue == null) {
+                session.removeAttribute(dataName);
+                sessionAttributeCount--;
+            } else if (sessionAttributeCount < SESSION_ATTRIBUTE_COUNT_LIMIT) {
+                session.setAttribute(dataName, dataValue);
+                sessionAttributeCount++;
+            } else {
+                out.print("<p> Session attribute [");
+                out.print(HTMLFilter.filter(dataName));
+                out.print("] not added as there are already "+ 
SESSION_ATTRIBUTE_COUNT_LIMIT + " attributes in the ");
+                out.println("session. Delete an attribute before adding 
another.");
+            }
         }
 
-        out.println("<P>");
+        out.println("<p>");
         out.println(rb.getString("sessions.data") + "<br>");
-        Enumeration<String> names = session.getAttributeNames();
+        names = session.getAttributeNames();
         while (names.hasMoreElements()) {
             String name = names.nextElement();
             String value = session.getAttribute(name).toString();
@@ -96,37 +118,41 @@ public class SessionExample extends HttpServlet {
             out.println("<br>");
         }
 
-        out.println("<P>");
-        out.print("<form action=\"");
-        out.print(response.encodeURL("SessionExample"));
-        out.print("\" ");
-        out.println("method=POST>");
-        out.println(rb.getString("sessions.dataname"));
-        out.println("<input type=text size=20 name=dataname>");
-        out.println("<br>");
-        out.println(rb.getString("sessions.datavalue"));
-        out.println("<input type=text size=20 name=datavalue>");
-        out.println("<br>");
-        out.println("<input type=submit>");
-        out.println("</form>");
-
-        out.println("<P>GET based form:<br>");
-        out.print("<form action=\"");
-        out.print(response.encodeURL("SessionExample"));
-        out.print("\" ");
-        out.println("method=GET>");
-        out.println(rb.getString("sessions.dataname"));
-        out.println("<input type=text size=20 name=dataname>");
-        out.println("<br>");
-        out.println(rb.getString("sessions.datavalue"));
-        out.println("<input type=text size=20 name=datavalue>");
-        out.println("<br>");
-        out.println("<input type=submit>");
-        out.println("</form>");
-
-        out.print("<p><a href=\"");
-        
out.print(HTMLFilter.filter(response.encodeURL("SessionExample?dataname=exampleName&datavalue=exampleValue")));
-        out.println("\" >URL encoded </a>");
+        if (sessionAttributeCount < SESSION_ATTRIBUTE_COUNT_LIMIT) {
+            out.println("<p>");
+            out.print("<form action=\"");
+            out.print(response.encodeURL("SessionExample"));
+            out.print("\" ");
+            out.println("method=POST>");
+            out.println(rb.getString("sessions.dataname"));
+            out.println("<input type=text size=20 name=dataname>");
+            out.println("<br>");
+            out.println(rb.getString("sessions.datavalue"));
+            out.println("<input type=text size=20 name=datavalue>");
+            out.println("<br>");
+            out.println("<input type=submit>");
+            out.println("</form>");
+
+            out.println("<p>GET based form:<br>");
+            out.print("<form action=\"");
+            out.print(response.encodeURL("SessionExample"));
+            out.print("\" ");
+            out.println("method=GET>");
+            out.println(rb.getString("sessions.dataname"));
+            out.println("<input type=text size=20 name=dataname>");
+            out.println("<br>");
+            out.println(rb.getString("sessions.datavalue"));
+            out.println("<input type=text size=20 name=datavalue>");
+            out.println("<br>");
+            out.println("<input type=submit>");
+            out.println("</form>");
+
+            out.print("<p><a href=\"");
+            
out.print(HTMLFilter.filter(response.encodeURL("SessionExample?dataname=exampleName&datavalue=exampleValue")));
+            out.println("\" >URL encoded </a>");
+        } else {
+            out.print("<p>You may not add more than " + 
SESSION_ATTRIBUTE_COUNT_LIMIT + " attributes to this session.");
+        }
 
         out.println("</body>");
         out.println("</html>");


---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

(tomcat) branch 11.0.x updated: Add a limit of 10 attributes per session to the session example

Reply via email to