fix 756c817

must be applied to all code where a transaction token is generated.

source/net/yacy/htroot/ConfigAccounts_p.java

@@ -54,9 +54,12 @@ public static serverObjects respond(final RequestHeader header, final serverObje
         final serverObjects prop = new serverObjects();
 
         /* Acquire a transaction token for the next POST form submission */
-        prop.put(TransactionManager.TRANSACTION_TOKEN_PARAM, TransactionManager.getTransactionToken(header));
-
         final Switchboard sb = (Switchboard) env;
+        try {
+            prop.put(TransactionManager.TRANSACTION_TOKEN_PARAM, TransactionManager.getTransactionToken(header));
+        } catch (IllegalArgumentException e) {
+            sb.log.fine("access by unauthorized or unknown user: no transaction token delivered");
+        }
         UserDB.Entry entry = null;
 
         // admin password

source/net/yacy/htroot/ConfigPortal_p.java

@@ -179,7 +179,11 @@ public static serverObjects respond(final RequestHeader header, final serverObje
         }
 
         /* Acquire a transaction token for the next POST form submission */
-        prop.put(TransactionManager.TRANSACTION_TOKEN_PARAM, TransactionManager.getTransactionToken(header));
+        try {
+            prop.put(TransactionManager.TRANSACTION_TOKEN_PARAM, TransactionManager.getTransactionToken(header));
+        } catch (IllegalArgumentException e) {
+            sb.log.fine("access by unauthorized or unknown user: no transaction token delivered");
+        }
 
         prop.putHTML(SwitchboardConstants.GREETING, sb.getConfig(SwitchboardConstants.GREETING, ""));
         prop.putHTML(SwitchboardConstants.GREETING_HOMEPAGE, sb.getConfig(SwitchboardConstants.GREETING_HOMEPAGE, ""));

source/net/yacy/htroot/ConfigProperties_p.java

@@ -37,6 +37,7 @@
 
 import net.yacy.cora.protocol.RequestHeader;
 import net.yacy.data.TransactionManager;
+import net.yacy.search.Switchboard;
 import net.yacy.server.serverObjects;
 import net.yacy.server.serverSwitch;
 
@@ -47,7 +48,11 @@ public static serverObjects respond(final RequestHeader header, final serverObje
         final serverObjects prop = new serverObjects();
 
         /* Acquire a transaction token for the next POST form submission */
-        prop.put(TransactionManager.TRANSACTION_TOKEN_PARAM, TransactionManager.getTransactionToken(header));
+        try {
+            prop.put(TransactionManager.TRANSACTION_TOKEN_PARAM, TransactionManager.getTransactionToken(header));
+        } catch (IllegalArgumentException e) {
+            Switchboard.getSwitchboard().log.fine("access by unauthorized or unknown user: no transaction token delivered");
+        }
 
         String key = "";
         String value = "";

source/net/yacy/htroot/ConfigSearchPage_p.java

@@ -207,7 +207,11 @@ public static serverObjects respond(final RequestHeader header, final serverObje
         }
 
         /* Acquire a transaction token for the next POST form submission */
-        prop.put(TransactionManager.TRANSACTION_TOKEN_PARAM, TransactionManager.getTransactionToken(header));
+        try {
+            prop.put(TransactionManager.TRANSACTION_TOKEN_PARAM, TransactionManager.getTransactionToken(header));
+        } catch (IllegalArgumentException e) {
+            sb.log.fine("access by unauthorized or unknown user: no transaction token delivered");
+        }
 
         prop.putHTML(SwitchboardConstants.GREETING, sb.getConfig(SwitchboardConstants.GREETING, ""));
         prop.putHTML(SwitchboardConstants.GREETING_HOMEPAGE, sb.getConfig(SwitchboardConstants.GREETING_HOMEPAGE, ""));

source/net/yacy/htroot/IndexDeletion_p.java

@@ -56,7 +56,11 @@ public static serverObjects respond(final RequestHeader header, final serverObje
         final serverObjects prop = new serverObjects();
 
         /* Acquire a transaction token for the next POST form submission */
-        prop.put(TransactionManager.TRANSACTION_TOKEN_PARAM, TransactionManager.getTransactionToken(header));
+        try {
+            prop.put(TransactionManager.TRANSACTION_TOKEN_PARAM, TransactionManager.getTransactionToken(header));
+        } catch (IllegalArgumentException e) {
+            sb.log.fine("access by unauthorized or unknown user: no transaction token delivered");
+        }
 
         final SolrConnector defaultConnector = sb.index.fulltext().getDefaultConnector();
         final SolrConnector webgraphConnector = sb.index.fulltext().getWebgraphConnector();

source/net/yacy/htroot/IndexFederated_p.java

@@ -182,7 +182,11 @@ public static serverObjects respond(final RequestHeader header, final serverObje
         }
 
         /* Acquire a transaction token for the next POST form submission */
-        prop.put(TransactionManager.TRANSACTION_TOKEN_PARAM, TransactionManager.getTransactionToken(header));
+        try {
+            prop.put(TransactionManager.TRANSACTION_TOKEN_PARAM, TransactionManager.getTransactionToken(header));
+        } catch (IllegalArgumentException e) {
+            sb.log.fine("access by unauthorized or unknown user: no transaction token delivered");
+        }
 
         // show solr host table
         if (!sb.index.fulltext().connectedRemoteSolr()) {

source/net/yacy/htroot/PerformanceQueues_p.java

@@ -60,7 +60,11 @@ public static serverObjects respond(final RequestHeader header, final serverObje
         File defaultSettingsFile = new File(sb.getAppPath(), "defaults/yacy.init");
 
         /* Acquire a transaction token for the next POST form submission */
-        prop.put(TransactionManager.TRANSACTION_TOKEN_PARAM, TransactionManager.getTransactionToken(header));
+        try {
+            prop.put(TransactionManager.TRANSACTION_TOKEN_PARAM, TransactionManager.getTransactionToken(header));
+        } catch (IllegalArgumentException e) {
+            sb.log.fine("access by unauthorized or unknown user: no transaction token delivered");
+        }
 
         // get segment
         final Segment indexSegment = sb.index;

source/net/yacy/htroot/SearchAccessRate_p.java

@@ -49,7 +49,11 @@ public static serverObjects respond(final RequestHeader header, final serverObje
 		final serverObjects prop = new serverObjects();
 
 		/* Acquire a transaction token for the next POST form submission */
-		prop.put(TransactionManager.TRANSACTION_TOKEN_PARAM, TransactionManager.getTransactionToken(header));
+        try {
+            prop.put(TransactionManager.TRANSACTION_TOKEN_PARAM, TransactionManager.getTransactionToken(header));
+        } catch (IllegalArgumentException e) {
+            sb.log.fine("access by unauthorized or unknown user: no transaction token delivered");
+        }
 
 		if (post != null) {
 			/*

source/net/yacy/htroot/Steering.java

@@ -52,7 +52,11 @@ public static serverObjects respond(final RequestHeader header, final serverObje
 			if(ss != null && ((Switchboard) ss).verifyAuthentication(header)) {
 				/* YaCyDefaultServlet will detect it and then also fill the custom HTTP response header used by the JavaScript shutdown and restart actions
 				 * or any external API requesting tool */
-				prop.put(TransactionManager.TRANSACTION_TOKEN_PARAM, TransactionManager.getTransactionToken(header));
+		        try {
+		            prop.put(TransactionManager.TRANSACTION_TOKEN_PARAM, TransactionManager.getTransactionToken(header));
+		        } catch (IllegalArgumentException e) {
+		            ((Switchboard) ss).log.fine("access by unauthorized or unknown user: no transaction token delivered");
+		        }
 				/* Also add to the Steering.html page info block for eventual display of this page without parameter */
 				prop.put("info_" + TransactionManager.TRANSACTION_TOKEN_PARAM, TransactionManager.getTransactionToken(header));
 			} else {