Prevent client from overriding important headers.
The glance client offered the opportunity to override important headers via the features parameter during image creation or update. Created a blacklist of unsupported features like: content-length content-type x-image-meta-size These headers should not be overriden by the client. Fixes LP Bug #1023892 Change-Id: I14aac59e00a2672fd98f6dab221096ab5de86855
This commit is contained in:
parent
00a7683555
commit
920096f0f6
|
@ -240,3 +240,7 @@ class SchemaLoadError(GlanceException):
|
|||
class InvalidObject(GlanceException):
|
||||
message = _("Provided object does not match schema "
|
||||
"'%(schema)s': %(reason)s")
|
||||
|
||||
|
||||
class UnsupportedHeaderFeature(GlanceException):
|
||||
message = _("Provided header feature is unsupported: %(feature)s")
|
||||
|
|
|
@ -43,6 +43,8 @@ import glance.openstack.common.log as logging
|
|||
|
||||
LOG = logging.getLogger(__name__)
|
||||
|
||||
FEATURE_BLACKLIST = ['content-length', 'content-type', 'x-image-meta-size']
|
||||
|
||||
|
||||
def chunkreadable(iter, chunk_size=65536):
|
||||
"""
|
||||
|
@ -153,6 +155,8 @@ def add_features_to_http_headers(features, headers):
|
|||
"""
|
||||
if features:
|
||||
for k, v in features.items():
|
||||
if k.lower() in FEATURE_BLACKLIST:
|
||||
raise exception.UnsupportedHeaderFeature(feature=k)
|
||||
if v is not None:
|
||||
headers[k.lower()] = unicode(v)
|
||||
|
||||
|
|
|
@ -2004,6 +2004,29 @@ class TestClient(base.IsolatedUnitTest):
|
|||
fixture,
|
||||
image_data_fixture)
|
||||
|
||||
def test_add_image_with_unsupported_feature(self):
|
||||
"""Tests that UnsupportedHeaderFeature is raised when image is added"""
|
||||
fixture = {
|
||||
'name': 'fake public image',
|
||||
'is_public': True,
|
||||
'disk_format': 'vhd',
|
||||
'container_format': 'ovf',
|
||||
'size': 19,
|
||||
'location': "http://localhost/glance-tests/2"
|
||||
}
|
||||
|
||||
feature_fixture = {
|
||||
'content-type': 'bad content type',
|
||||
'content-length': '0',
|
||||
'x-image-meta-size': '0'
|
||||
}
|
||||
|
||||
for k, v in feature_fixture.items():
|
||||
self.assertRaises(exception.UnsupportedHeaderFeature,
|
||||
self.client.add_image,
|
||||
None,
|
||||
features={k: v})
|
||||
|
||||
def test_update_image(self):
|
||||
"""Tests that the /images PUT registry API updates the image"""
|
||||
fixture = {'name': 'fake public image #2',
|
||||
|
@ -2031,6 +2054,25 @@ class TestClient(base.IsolatedUnitTest):
|
|||
_gen_uuid(),
|
||||
fixture)
|
||||
|
||||
def test_update_image_with_unsupported_feature(self):
|
||||
"""Tests that UnsupportedHeaderFeature is raised during update"""
|
||||
fixture = {
|
||||
'name': 'fake public image #2'
|
||||
}
|
||||
|
||||
feature_fixture = {
|
||||
'content-type': 'bad content-type',
|
||||
'content-length': '0',
|
||||
'x-image-meta-size': '0'
|
||||
}
|
||||
|
||||
for k, v in feature_fixture.items():
|
||||
self.assertRaises(exception.UnsupportedHeaderFeature,
|
||||
self.client.update_image,
|
||||
UUID2,
|
||||
image_meta=fixture,
|
||||
features={k: v})
|
||||
|
||||
def test_delete_image(self):
|
||||
"""Tests that image metadata is deleted properly"""
|
||||
# Grab the original number of images
|
||||
|
|
Loading…
Reference in New Issue