Previously, we were testing that a 254 (!?) character name would be valid
when the maximum configured is 500. Now we'll test that 500 character
names are valid.
While we're at it, stop patching self.test_check. It was unnecessary,
and we were doing it badly.
Change-Id: Ia604fa7b809a97fbce176c82606af73cdb92828c
Test that the actual configured options get reported in /info
Follow up to:
Related-Change: If1af43485b4708cab6c4b5d7f6f0a334d8752518
Change-Id: I1d76d40c70a38b959dd0103f3c56b1da4dae068f
Also removed a bunch of unnecessary unquotes. Just use path_info
instead (it's already unquoted).
Partial-Bug: #1670915
Change-Id: If1af43485b4708cab6c4b5d7f6f0a334d8752518
assertEquals is deprecated in py3, replacing it.
Change-Id: Ida206abbb13c320095bb9e3b25a2b66cc31bfba8
Co-Authored-By: Ondřej Nový <ondrej.novy@firma.seznam.cz>
This patch converts maximum_length to integer in
name_check middleware if read from proxy-server.conf
file.
Change-Id: I28d66fd1b7ce56ca5540cb7189d084c36e063d43
Closes-Bug: 1372397
This change replaces WebOb with a mostly compatible local library,
swift.common.swob. Subtle changes to WebOb's API over the years have been a
huge headache. Swift doesn't even run on the current version.
There are a few incompatibilities to simplify the implementation/interface:
* It only implements the header properties we use. More can be easily added.
* Casts header values to str on assignment.
* Response classes ("HTTPNotFound") are no longer subclasses, but partials
on Response, so things like isinstance no longer work on them.
* Unlike newer webob versions, will never return unicode objects.
Change-Id: I76617a0903ee2286b25a821b3c935c86ff95233f
In comments from https://review.openstack.org/8798 it was raised that it
might make sense to forbid some substrings in the name_filter
middleware.
There is now a new forbidden_regexp option for the name_filter
middleware to specify which substrings to forbid. The default is
"/\./|/\.\./|/\.$|/\.\.$" (or in a non-regexp language: the /./ and /../
substrings as well as strings ending with /. or /..).
This can be useful for extra paranoia to avoid directory traversals
(bug 1005908), or for more general filtering.
Change-Id: I39bf2de45b9dc7d3ca4d350d24b3f2276e958a62
DocImpact: new forbidden_regexp option for the name_filter middleware
Bug 926048.
Filter checks path for user-defined forbidden characters, and for
user-defined maximum length.
Includes changes to reflect gholt's latest comments to Patch Set 4
Also includes a change to a unit-test, renames another unit-test,
and removes one superfluous unit-test.
Added section to the example proxy config
Fixed-up unit test pep8 warnings
Changed error response code to 400 (Bad Request)
Change-Id: Iace719d6a3d00fb3dda1b9d0bc185b8c4cbc00ca
