Closed
Bug 702685
Opened 13 years ago
Closed 13 years ago
PHP record-size validation not ported over to python server
Categories
(Cloud Services Graveyard :: Server: Sync, defect)
Tracking
(Not tracked)
VERIFIED
FIXED
People
(Reporter: telliott, Assigned: tarek)
Details
(Keywords: regression, Whiteboard: [qa+])
Attachments
(1 file, 1 obsolete file)
|
2.85 KB,
patch
|
telliott
:
review+
|
Details | Diff | Splinter Review |
This snippet of code was in the php server:
if ($this->payload_exists())
{
if (!is_string($this->wbo_hash['payload']))
{ $this->_error[] = "payload needs to be json-encoded"; }
else if (WEAVE_PAYLOAD_MAX_SIZE && mb_strlen($this->wbo_hash['payload'], '8bit') > WEAVE_PAYLOAD_MAX_SIZE)
{ $this->_error[] = "payload too large"; }
}
I cannot find the equivalent in the python server. Am I just missing it? It's a pretty important piece of protection.
|
Reporter | |
Comment 1•13 years ago
|
||
sorry, should have been clearer - that's in the WBO validation method
|
Assignee | |
Comment 2•13 years ago
|
||
no I did miss it
|
||
Updated•13 years ago
|
Whiteboard: [qa+]
|
||
Comment 3•13 years ago
|
||
Patch attached. I've hard-coded the limit as a module-level constant since there's no obvious way to make it configurable.
Attachment #584692 -
Flags: review?(tarek)
|
|
||
Comment 4•13 years ago
|
||
Oops, telliott points out that the payload is unicode and we should limit based on the encoded size in bytes. Patch updated accordingly.
Attachment #584692 -
Attachment is obsolete: true
Attachment #584692 -
Flags: review?(tarek)
Attachment #584862 -
Flags: review?(telliott)
|
|
Reporter | |
Comment 5•13 years ago
|
||
Comment on attachment 584862 [details] [diff] [review] patch limiting wbo payload size Looks good.
Attachment #584862 -
Flags: review?(telliott) → review+
|
|
||
Comment 6•13 years ago
|
||
Committed in http://hg.mozilla.org/services/server-storage/rev/0960d2f60299
Status: NEW → RESOLVED
Closed: 13 years ago
Resolution: --- → FIXED
|
|
||
Comment 7•12 years ago
|
||
QA to verify this ASAP.
|
|
||
Comment 8•12 years ago
|
||
Basing my comments on :rfkelly Comment 6 syncstorage/tests/test_wbo.py is now syncstorage/tests/test_bso.py syncstorage/wbo.py is now syncstorage/bso.py
|
|
||
Comment 9•12 years ago
|
||
Code verified and passed functional tests of Sync 1.1 and 2.0 for a 4/23/2012 deploy to qa1.
Status: RESOLVED → VERIFIED
|
||
Updated•1 year ago
|
Product: Cloud Services → Cloud Services Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•