|
This is a Java servlet filter (as per Servlet API 2.3). This filter lets you check Host header in HTTP requests. You can provide a list of allowed values this header, so any request with the wrong value will be prohibited. Filter lets you protect your web applications from DNS rebinding attack. How to use it: a) download hostflt.jar and save it in WEB-INF/lib b) describe this filter in web.xml. Initial parameter hosts provides a
commas separated list of allowed values. E.g.:
<filter> <filter-name>HostFilter</filter-name> <filter-class>com.cj.host.HostFilter</filter-class> <init-param> <param-name>hosts</param-name> <param-value>www.myserver.com,myserver.com:80</param-value> </init-param> </filter> Also you may exclude some of your files from the processing. An optional parameter exclude contains a commas separated list of files excluded from the processing. d) describe a mapping for this filter in web.xml
<filter-mapping> <filter-name>HostFilter</filter-name> <url-pattern>*</url-pattern> </filter-mapping> in this case filter will be on for the each request For downloading: Host package: hostflt.jar
See also JSOS - the largest collection of servlets and filters.
|
Also in JSOS:
|