From b1c9ab2d9ccd6d5dcffabe2d5c4bca42563e2d3e Mon Sep 17 00:00:00 2001 From: Vitaly Takmazov Date: Thu, 20 Sep 2018 17:48:54 +0300 Subject: do not handle messages from invalid websocket sessions --- .../src/main/java/com/juick/components/Notifications.java | 2 +- .../components/configuration/JuickServerWebsocketConfiguration.java | 1 - 2 files changed, 1 insertion(+), 2 deletions(-) (limited to 'juick-notifications') diff --git a/juick-notifications/src/main/java/com/juick/components/Notifications.java b/juick-notifications/src/main/java/com/juick/components/Notifications.java index 15af4a52..79afe8fa 100644 --- a/juick-notifications/src/main/java/com/juick/components/Notifications.java +++ b/juick-notifications/src/main/java/com/juick/components/Notifications.java @@ -321,7 +321,7 @@ public class Notifications extends TextWebSocketHandler implements NotificationC @Override protected void handleTextMessage(WebSocketSession session, TextMessage text) throws Exception { - if (!closeFlag.get()) { + if (!closeFlag.get() && this.session.getDelegate().equals(session)) { com.juick.Message jmsg = jsonMapper.readValue(text.asBytes(), com.juick.Message.class); if (logger.isInfoEnabled()) // prevent writeValueAsString execution if logger disabled diff --git a/juick-notifications/src/main/java/com/juick/components/configuration/JuickServerWebsocketConfiguration.java b/juick-notifications/src/main/java/com/juick/components/configuration/JuickServerWebsocketConfiguration.java index a29566aa..bc7f59fb 100644 --- a/juick-notifications/src/main/java/com/juick/components/configuration/JuickServerWebsocketConfiguration.java +++ b/juick-notifications/src/main/java/com/juick/components/configuration/JuickServerWebsocketConfiguration.java @@ -25,7 +25,6 @@ import javax.inject.Inject; import java.util.Collections; import java.util.List; -@Lazy @Configuration @EnableScheduling public class JuickServerWebsocketConfiguration { -- cgit v1.2.3