diff options
| author | Gabor Pali <gabor.pali@ibm.com> | 2023-04-06 12:30:22 +0200 |
|---|---|---|
| committer | Nick Vatamaniuc <nickva@users.noreply.github.com> | 2023-04-19 13:43:03 -0400 |
| commit | c1195e43c0b55f99892bb5d6b593de178499b969 (patch) | |
| tree | d64214a484115e6daf64067063b286e5689eb0cb | |
| parent | df52be5778534c2c11e18b6ed2f7bdf242012184 (diff) | |
| download | couchdb-c1195e43c0b55f99892bb5d6b593de178499b969.tar.gz | |
fix(mango): GET invalid path under `_index` should not cause 500
Sending GET requests targeting paths under the `/{db}/_index`
endpoint, e.g. `/{db}/_index/something`, cause an internal error.
Change the endpoint's behavior to gracefully return HTTP 405
"Method Not Allowed" instead to be consistent with others.
| -rw-r--r-- | src/mango/src/mango_httpd.erl | 6 | ||||
| -rw-r--r-- | src/mango/test/01-index-crud-test.py | 4 |
2 files changed, 7 insertions, 3 deletions
diff --git a/src/mango/src/mango_httpd.erl b/src/mango/src/mango_httpd.erl index 3e58288da..935cf5890 100644 --- a/src/mango/src/mango_httpd.erl +++ b/src/mango/src/mango_httpd.erl @@ -107,8 +107,6 @@ handle_index_req(#httpd{method = 'POST', path_parts = [_, _]} = Req, Db) -> end end, chttpd:send_json(Req, {[{result, Status}, {id, Id}, {name, Name}]}); -handle_index_req(#httpd{path_parts = [_, _]} = Req, _Db) -> - chttpd:send_method_not_allowed(Req, "GET,POST"); %% Essentially we just iterate through the list of ddoc ids passed in and %% delete one by one. If an error occurs, all previous documents will be %% deleted, but an error will be thrown for the current ddoc id. @@ -189,7 +187,9 @@ handle_index_req( ?MANGO_ERROR({error_saving_ddoc, Error}) end; handle_index_req(#httpd{path_parts = [_, _, _DDocId0, _Type, _Name]} = Req, _Db) -> - chttpd:send_method_not_allowed(Req, "DELETE"). + chttpd:send_method_not_allowed(Req, "DELETE"); +handle_index_req(#httpd{path_parts = [_, _ | _]} = Req, _Db) -> + chttpd:send_method_not_allowed(Req, "GET,POST"). handle_explain_req(#httpd{method = 'POST'} = Req, Db) -> chttpd:validate_ctype(Req, "application/json"), diff --git a/src/mango/test/01-index-crud-test.py b/src/mango/test/01-index-crud-test.py index dd70e7eea..e85e1d8ea 100644 --- a/src/mango/test/01-index-crud-test.py +++ b/src/mango/test/01-index-crud-test.py @@ -88,6 +88,10 @@ class IndexCrudTests(mango.DbPerClass): else: raise AssertionError("bad create index") + def test_bad_url(self): + r = self.db.sess.get(self.db.path("_index/foo")) + self.assertEqual(r.status_code, 405) + def test_create_idx_01(self): fields = ["foo", "bar"] ret = self.db.create_index(fields, name="idx_01") |