From 045864aa9665d9d0f0404550256486056bf0148f Mon Sep 17 00:00:00 2001
From: Dane Everitt
Date: Sun, 23 Oct 2016 21:31:29 -0400
Subject: [PATCH] Prevent accidental DoS of users if server sends a rapid feed of data to the console. Configurable speed in environment file.
---
 .env.example | 2 ++
 public/themes/default/css/pterodactyl.css | 14 +++++++++++++
 resources/views/server/index.blade.php | 25 +++++++++++++++++++++--
 3 files changed, 39 insertions(+), 2 deletions(-)
diff --git a/.env.example b/.env.example
index ffb261134..004bfa4e4 100644
--- a/.env.example
+++ b/.env.example
@@ -4,6 +4,8 @@ APP_KEY=SomeRandomString3232RandomString
 APP_THEME=default
 APP_TIMEZONE=UTC
 APP_CLEAR_TASKLOG=720
+CONSOLE_PUSH_FREQ=250
+CONSOLE_PUSH_COUNT=10
 DB_HOST=localhost
 DB_PORT=3306
diff --git a/public/themes/default/css/pterodactyl.css b/public/themes/default/css/pterodactyl.css
index c25130929..f5be2844a 100755
--- a/public/themes/default/css/pterodactyl.css
+++ b/public/themes/default/css/pterodactyl.css
@@ -271,3 +271,17 @@ li.btn.btn-default.pill:active,li.btn.btn-default.pill:focus,li.btn.btn-default.
 .fuelux .wizard .steps-container {
 background-color: #eee;
 }
+
+#consoleThrottled {
+ z-index: 999;
+ top: 0px;
+ opacity: 0.6;
+ left: 0;
+ position: absolute;
+ margin: 0 15px;
+ border-radius: 4px 4px 0 0;
+}
+
+#consoleThrottled:hover {
+ opacity: 1;
+}
diff --git a/resources/views/server/index.blade.php b/resources/views/server/index.blade.php
index 2a00f1a24..923ac56f4 100644
--- a/resources/views/server/index.blade.php
+++ b/resources/views/server/index.blade.php
@@ -48,7 +48,11 @@
-
+ +
+

@@ -364,10 +368,27 @@ $(window).load(function () {
 });
 // New Console Data Recieved
+ var outputQueue = [];
 socket.on('console', function (data) {
- terminal.echo(data.line);
+ outputQueue.push(data.line);
 });
+ window.setInterval(pushOutputQueue, {{ env('CONSOLE_PUSH_FREQ', 250) }});
+ function pushOutputQueue()
+ {
+ if (outputQueue.length > {{ env('CONSOLE_PUSH_COUNT', 10) }}) {
+ $('#consoleThrottled').removeClass('hidden');
+ } else {
+ $('#consoleThrottled').addClass('hidden');
+ }
+
+ for (var i = 0; i < {{ env('CONSOLE_PUSH_COUNT', 10) }}; i++)
+ {
+ terminal.echo(outputQueue[0]);
+ outputQueue.shift();
+ }
+ }
+
 // Update Listings on Initial Status
 socket.on('initial_status', function (data) {
 currentStatus = data.status;
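Review bot: The drain loop in `pushOutputQueue` always runs `CONSOLE_PUSH_COUNT` iterations, so on every tick where the queue holds fewer lines (including an empty queue while the server is idle) it calls `terminal.echo(outputQueue[0])` with `undefined`; how the terminal treats that is not visible here, but it is wasted work at best. `outputQueue` also has no upper bound: a server that keeps emitting more than the configured count per interval makes the backlog, and with it the tab's memory use and display lag, grow for as long as the page stays open, which relocates the DoS this commit targets rather than removing it. Taking each batch with `splice` and capping the backlog addresses both; the cap value in the sketch below is illustrative, not taken from the commit. Separately, the two `env()` values are written into the script unvalidated, so casting them with `(int)` inside the Blade expressions would keep a malformed setting from producing broken JavaScript.

```javascript
function pushOutputQueue()
{
    // … unchanged: #consoleThrottled show/hide based on outputQueue.length …

    // Illustrative cap (not a value from this commit): drop the oldest lines
    // once the backlog exceeds it, so a sustained flood cannot grow the queue forever.
    var maxQueued = 1000;
    if (outputQueue.length > maxQueued) {
        outputQueue.splice(0, outputQueue.length - maxQueued);
    }

    // splice() returns at most the requested number of entries, so a short
    // or empty queue never results in echo(undefined).
    var batch = outputQueue.splice(0, {{ env('CONSOLE_PUSH_COUNT', 10) }});
    for (var i = 0; i < batch.length; i++) {
        terminal.echo(batch[i]);
    }
}
```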