Rework Authorization flow
Currently we parse the whole message before authenticating,
allowing an attacker the ability to upload a large image,
or keep a connection open for the max amount of time easier
than it should be. This moves the authentication to the
earliest point possible, and restricts unauthenticated users
timeouts and max upload sizes. It also makes it so that
unauthenticated users cannot keep the connection alive
forever by refusing to close the connection.
Tested:
- login/logout
- firmware update
- large POST when unauthenticated
- timeouts when unauthenticated
- slowhttptest
Change-Id: Ifa02d8db04eac1821e8950eb85e71634a9e6d265
Signed-off-by: James Feist <james.feist@linux.intel.com>
diff --git a/include/webassets.hpp b/include/webassets.hpp
index fc58d37..92cf4aa 100644
--- a/include/webassets.hpp
+++ b/include/webassets.hpp
@@ -1,5 +1,7 @@
#pragma once
+#include "webroutes.hpp"
+
#include <app.h>
#include <http_request.h>
#include <http_response.h>
@@ -27,8 +29,6 @@
}
};
-static boost::container::flat_set<std::string> routes;
-
template <typename... Middlewares>
void requestRoutes(Crow<Middlewares...>& app)
{
@@ -100,13 +100,13 @@
webpath.string().back() != '/')
{
// insert the non-directory version of this path
- routes.insert(webpath);
+ webroutes::routes.insert(webpath);
webpath += "/";
}
}
std::pair<boost::container::flat_set<std::string>::iterator, bool>
- inserted = routes.insert(webpath);
+ inserted = webroutes::routes.insert(webpath);
if (!inserted.second)
{