You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@couchdb.apache.org by rn...@apache.org on 2021/01/12 18:12:50 UTC
[couchdb] branch main updated: Allow gzipped requests to _session
(#3323)
This is an automated email from the ASF dual-hosted git repository.
rnewson pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/couchdb.git
The following commit(s) were added to refs/heads/main by this push:
new bc9773a Allow gzipped requests to _session (#3323)
bc9773a is described below
commit bc9773a2f6199cc095aae8ae977eb8df75204dab
Author: Bessenyei Balázs Donát <be...@users.noreply.github.com>
AuthorDate: Tue Jan 12 19:12:40 2021 +0100
Allow gzipped requests to _session (#3323)
All endpoints but _session support gzip encoding and there's no practical reason for that.
This commit enables gzip decoding on compressed requests to _session.
---
src/chttpd/test/eunit/chttpd_session_tests.erl | 12 +++++++++++-
src/couch/src/couch_httpd.erl | 1 +
src/couch/src/couch_httpd_auth.erl | 4 ++--
3 files changed, 14 insertions(+), 3 deletions(-)
diff --git a/src/chttpd/test/eunit/chttpd_session_tests.erl b/src/chttpd/test/eunit/chttpd_session_tests.erl
index a802d9e..1e1fbf5 100644
--- a/src/chttpd/test/eunit/chttpd_session_tests.erl
+++ b/src/chttpd/test/eunit/chttpd_session_tests.erl
@@ -44,7 +44,8 @@ session_test_() ->
fun cleanup/1,
[
?TDEF_FE(session_authentication_db_absent),
- ?TDEF_FE(session_authentication_db_present)
+ ?TDEF_FE(session_authentication_db_present),
+ ?TDEF_FE(session_authentication_gzip_request)
]
}
}
@@ -62,6 +63,15 @@ session_authentication_db_present(Url) ->
?assertEqual(list_to_binary(Name), session_authentication_db(Url)).
+session_authentication_gzip_request(Url) ->
+ {ok, 200, _, Body} = test_request:request(
+ post,
+ Url,
+ [{"Content-Type", "application/json"}, {"Content-Encoding", "gzip"}],
+ zlib:gzip(jiffy:encode({[{username, list_to_binary(?USER)}, {password, list_to_binary(?PASS)}]}))),
+ {BodyJson} = jiffy:decode(Body),
+ ?assert(lists:member({<<"name">>, list_to_binary(?USER)}, BodyJson)).
+
session_authentication_db(Url) ->
{ok, 200, _, Body} = test_request:get(Url, [{basic_auth, {?USER, ?PASS}}]),
couch_util:get_nested_json_value(
diff --git a/src/couch/src/couch_httpd.erl b/src/couch/src/couch_httpd.erl
index 53d14d7..fb03bac 100644
--- a/src/couch/src/couch_httpd.erl
+++ b/src/couch/src/couch_httpd.erl
@@ -39,6 +39,7 @@
-export([check_max_request_length/1]).
-export([handle_request/1]).
-export([set_auth_handlers/0]).
+-export([maybe_decompress/2]).
-define(HANDLER_NAME_IN_MODULE_POS, 6).
-define(MAX_DRAIN_BYTES, 1048576).
diff --git a/src/couch/src/couch_httpd_auth.erl b/src/couch/src/couch_httpd_auth.erl
index e81cf04..7d728e6 100644
--- a/src/couch/src/couch_httpd_auth.erl
+++ b/src/couch/src/couch_httpd_auth.erl
@@ -33,7 +33,7 @@
-export([jwt_authentication_handler/1]).
--import(couch_httpd, [header_value/2, send_json/2,send_json/4, send_method_not_allowed/2]).
+-import(couch_httpd, [header_value/2, send_json/2, send_json/4, send_method_not_allowed/2, maybe_decompress/2]).
-compile({no_auto_import,[integer_to_binary/1, integer_to_binary/2]}).
@@ -329,7 +329,7 @@ handle_session_req(#httpd{method='POST', mochi_req=MochiReq}=Req, AuthModule) ->
"application/x-www-form-urlencoded" ++ _ ->
mochiweb_util:parse_qs(ReqBody);
"application/json" ++ _ ->
- {Pairs} = ?JSON_DECODE(ReqBody),
+ {Pairs} = ?JSON_DECODE(maybe_decompress(Req, ReqBody)),
lists:map(fun({Key, Value}) ->
{?b2l(Key), ?b2l(Value)}
end, Pairs);