lorax-composer: Check compose/status for invalid characters
This commit is contained in:
parent
9a76c20c6b
commit
019cac8a7c
@ -1649,6 +1649,11 @@ def v0_compose_status(uuids):
|
||||
status = request.args.get("status", None)
|
||||
compose_type = request.args.get("type", None)
|
||||
|
||||
# Check the arguments for invalid characters
|
||||
for a in [blueprint, status, compose_type]:
|
||||
if a is not None and VALID_API_STRING.match(a) is None:
|
||||
return jsonify(status=False, errors=[{"id": INVALID_CHARS, "msg": "Invalid characters in API path"}]), 400
|
||||
|
||||
results = []
|
||||
errors = []
|
||||
|
||||
|
@ -1638,6 +1638,15 @@ class ServerAPIV0TestCase(unittest.TestCase):
|
||||
resp = self.server.get("/api/v0/compose/status/" + UTF8_TEST_STRING)
|
||||
self.assertInputError(resp)
|
||||
|
||||
resp = self.server.get("/api/v0/compose/status/*?blueprint=" + UTF8_TEST_STRING)
|
||||
self.assertInputError(resp)
|
||||
|
||||
resp = self.server.get("/api/v0/compose/status/*?status=" + UTF8_TEST_STRING)
|
||||
self.assertInputError(resp)
|
||||
|
||||
resp = self.server.get("/api/v0/compose/status/*?type=" + UTF8_TEST_STRING)
|
||||
self.assertInputError(resp)
|
||||
|
||||
def test_compose_cancel_input(self):
|
||||
"""Test the compose/cancel input character checking"""
|
||||
resp = self.server.delete("/api/v0/compose/cancel/" + UTF8_TEST_STRING)
|
||||
|
Loading…
Reference in New Issue
Block a user