You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@couchdb.apache.org by rn...@apache.org on 2011/08/12 19:44:21 UTC
svn commit: r1157195 - in /couchdb/trunk: CHANGES
share/www/script/test/replication.js src/couchdb/couch_httpd_replicator.erl
Author: rnewson
Date: Fri Aug 12 17:44:21 2011
New Revision: 1157195
URL: http://svn.apache.org/viewvc?rev=1157195&view=rev
Log:
COUCHDB-1242 - validate that query_params are strings.
Modified:
couchdb/trunk/CHANGES
couchdb/trunk/share/www/script/test/replication.js
couchdb/trunk/src/couchdb/couch_httpd_replicator.erl
Modified: couchdb/trunk/CHANGES
URL: http://svn.apache.org/viewvc/couchdb/trunk/CHANGES?rev=1157195&r1=1157194&r2=1157195&view=diff
==============================================================================
--- couchdb/trunk/CHANGES (original)
+++ couchdb/trunk/CHANGES Fri Aug 12 17:44:21 2011
@@ -6,6 +6,12 @@ Version 1.2.0
This version has not been released yet.
+Replicator:
+
+ * Passing non-string values to query_params is now a 400 bad
+ request. This is to reduce the surprise that all parameters
+ are converted to strings internally.
+
Build System:
* cURL is no longer required to build CouchDB as it is only
Modified: couchdb/trunk/share/www/script/test/replication.js
URL: http://svn.apache.org/viewvc/couchdb/trunk/share/www/script/test/replication.js?rev=1157195&r1=1157194&r2=1157195&view=diff
==============================================================================
--- couchdb/trunk/share/www/script/test/replication.js (original)
+++ couchdb/trunk/share/www/script/test/replication.js Fri Aug 12 17:44:21 2011
@@ -666,7 +666,7 @@ couchTests.replication = function(debug)
body: {
filter: "mydesign/myfilter",
query_params: {
- modulus: 2,
+ modulus: "2",
special: "7"
}
}
@@ -714,7 +714,7 @@ couchTests.replication = function(debug)
body: {
filter: "mydesign/myfilter",
query_params: {
- modulus: 2,
+ modulus: "2",
special: "7"
}
}
@@ -1649,6 +1649,19 @@ couchTests.replication = function(debug)
TEquals("undefined", typeof copy._attachments["foo.dat"]["encoding"]);
// end of test for COUCHDB-885
+ // Test for COUCHDB-1242 (reject non-string query_params)
+ try {
+ CouchDB.replicate(sourceDb, targetDb, {
+ body: {
+ filter : "mydesign/myfilter",
+ query_params : {
+ "maxvalue": 4
+ }
+ }
+ });
+ } catch (e) {
+ TEquals("bad_request", e.error);
+ }
// cleanup
usersDb.deleteDb();
Modified: couchdb/trunk/src/couchdb/couch_httpd_replicator.erl
URL: http://svn.apache.org/viewvc/couchdb/trunk/src/couchdb/couch_httpd_replicator.erl?rev=1157195&r1=1157194&r2=1157195&view=diff
==============================================================================
--- couchdb/trunk/src/couchdb/couch_httpd_replicator.erl (original)
+++ couchdb/trunk/src/couchdb/couch_httpd_replicator.erl Fri Aug 12 17:44:21 2011
@@ -29,7 +29,8 @@
handle_req(#httpd{method = 'POST', user_ctx = UserCtx} = Req) ->
couch_httpd:validate_ctype(Req, "application/json"),
- RepDoc = couch_httpd:json_body_obj(Req),
+ RepDoc = {Props} = couch_httpd:json_body_obj(Req),
+ validate_rep_props(Props),
{ok, Rep} = couch_replicator_utils:parse_rep_doc(RepDoc, UserCtx),
case couch_replicator:replicate(Rep) of
{error, {Error, Reason}} ->
@@ -51,3 +52,15 @@ handle_req(#httpd{method = 'POST', user_
handle_req(Req) ->
send_method_not_allowed(Req, "POST").
+
+validate_rep_props([]) ->
+ ok;
+validate_rep_props([{<<"query_params">>, {Params}}|Rest]) ->
+ lists:foreach(fun
+ ({_,V}) when is_binary(V) -> ok;
+ ({K,_}) -> throw({bad_request,
+ <<K/binary," value must be a string.">>})
+ end, Params),
+ validate_rep_props(Rest);
+validate_rep_props([_|Rest]) ->
+ validate_rep_props(Rest).