Added defaults for remote-limt-api so sensitive calls are blocked by …

[kwek20]

Description

Provides defaults for keeping an iri node secure when you do not provide flags.

Fixes #306

Type of change

• Bug fix (a non-breaking change which fixes an issue)

How Has This Been Tested?

Started default IRI node with port parameter -> correct calls are blocked
Started IRI with --remote-api-limit for just blocking getNeighbors, and only that call is blocked

Checklist:

• My code follows the style guidelines for this project
• I have performed a self-review of my own code
• I have commented my code, particularly in hard-to-understand areas
• I have made corresponding changes to the documentation
• New and existing unit tests pass locally with my changes

[alon-e]

I think we should also add attachToTangle & interruptAttachingToTangle to the default list.

[GalRogozinski]

Change to List<String> REMOTE_LIMIT_API

In IotaUtils you can add the following method:

 public static <T> List<T> createImmutableList(T... a) {
        return Collections.unmodifiableList(Arrays.asList(a));
    }

Note that once we upgrade Java we can start using List.of() instead of doing this ugly thing.
See:
https://docs.oracle.com/javase/9/docs/api/java/util/List.html

[kwek20]

@alon-e isnt attachToTangle used in a lot of tutorials? That will probably confuse people if its disabled by default

[GalRogozinski]

Since this is also a product decision I am tagging @jakubcech.
I want to remind everyone that since changing the defaults breaks backwards compatibility, perhaps it shouldn't be released together with the changes we made for configurations in #724.

[jakubcech]

attachToTangle & interruptAttachingToTangle should be in the list. We should update our docs if it's broken by this change somewhere.

[alon-e]

fix indentation? :)

[kwek20]

Not sure why it did that, i checked in code and it doesnt look like that :o

[rajivshah3]

It might happen if you use tabs instead of spaces (https://www.youtube.com/watch?v=SsoOG6ZeyUI )

[GalRogozinski]

Hmm I don't see it fixed yet... You can configure your IDE to convert tabs to spaces.

[GalRogozinski]

Hmm I think wrapping with Collections.unmodifiableList() would have been more suitable than ArrayList...

[GalRogozinski]

Change to List<String> REMOTE_LIMIT_API

In IotaUtils you can add the following method:

 public static <T> List<T> createImmutableList(T... a) {
        return Collections.unmodifiableList(Arrays.asList(a));
    }

Note that once we upgrade Java we can start using List.of() instead of doing this ugly thing.
See:
https://docs.oracle.com/javase/9/docs/api/java/util/List.html

[GalRogozinski]

Hmm I don't see it fixed yet... You can configure your IDE to convert tabs to spaces.

[GalRogozinski]

Can you set your IDE to have a column width of 120.
I will try to add more checkstyle rules real soon. I know style comments are annoying. A computer should give them and not a human.

[GalRogozinski]

@jakubcech and @DyrellC
Before this is released we should have an automation test.