From 6ae94ccb165e2c383a06536ac7cd14eff5c0eb5f Mon Sep 17 00:00:00 2001
From: markt <markt@13f79535-47bb-0310-9956-ffa450edef68>
Date: Sat, 10 Jul 2010 16:19:26 +0000
Subject: [PATCH] Align implementation with docs. nonceCacheSize should be
 configurable

git-svn-id: https://svn.apache.org/repos/asf/tomcat/trunk@962872 13f79535-47bb-0310-9956-ffa450edef68
---
 .../org/apache/catalina/filters/CsrfPreventionFilter.java | 15 ++++++++++++++-
 1 file changed, 14 insertions(+), 1 deletion(-)

diff --git a/java/org/apache/catalina/filters/CsrfPreventionFilter.java b/java/org/apache/catalina/filters/CsrfPreventionFilter.java
index 471324dfc..60a650c62 100644
--- a/java/org/apache/catalina/filters/CsrfPreventionFilter.java
+++ b/java/org/apache/catalina/filters/CsrfPreventionFilter.java
@@ -55,7 +55,7 @@ public class CsrfPreventionFilter extends FilterBase {
 
     private final Set<String> entryPoints = new HashSet<String>();
     
-    private final int nonceCacheSize = 5;
+    private int nonceCacheSize = 5;
 
     @Override
     protected Log getLogger() {
@@ -79,6 +79,19 @@ public class CsrfPreventionFilter extends FilterBase {
         }
     }
 
+    /**
+     * Sets the number of previously issued nonces that will be cached on a LRU
+     * basis to support parallel requests, limited use of the refresh and back
+     * in the browser and similar behaviors that may result in the submission
+     * of a previous nonce rather than the current one. If not set, the default
+     * value of 5 will be used.
+     * 
+     * @param nonceCacheSize    The number of nonces to cache
+     */
+    public void setNonceCacheSize(int nonceCacheSize) {
+        this.nonceCacheSize = nonceCacheSize;
+    }
+    
     public void doFilter(ServletRequest request, ServletResponse response,
             FilterChain chain) throws IOException, ServletException {
 
-- 
2.11.0