diff options
| author | vijaya-erukala <vijaya_erukala@persistent.co.in> | 2012-09-20 12:08:57 +0530 |
|---|---|---|
| committer | vijaya-erukala <vijaya_erukala@persistent.co.in> | 2012-10-09 11:36:20 +0530 |
| commit | 7a70bc33aca8428f38c70c6b85bba29977a41aaf (patch) | |
| tree | 8a8c1f70a5a6823e878f25adea41558d89076b8d | |
| parent | fb101685cc14ed9b0396ce966e571d3fb457c32f (diff) | |
Handle invalid xml request to return BadRequest
Handled ExpatError,LookupError to return BadRequest
if the user inputs the invalid xml
fixes bug 1032092
Change-Id: I7374532d91e3d7675bc80730031a195f50bb2abc
| -rw-r--r-- | nova/api/openstack/wsgi.py | 11 | ||||
| -rw-r--r-- | nova/tests/api/openstack/compute/test_servers.py | 24 |
2 files changed, 34 insertions, 1 deletions
diff --git a/nova/api/openstack/wsgi.py b/nova/api/openstack/wsgi.py index 33db3e714..a7a3823e9 100644 --- a/nova/api/openstack/wsgi.py +++ b/nova/api/openstack/wsgi.py @@ -881,8 +881,17 @@ class Resource(wsgi.Application): # function. If we try to audit __call__(), we can # run into troubles due to the @webob.dec.wsgify() # decorator. - return self._process_stack(request, action, action_args, + try: + return self._process_stack(request, action, action_args, content_type, body, accept) + except expat.ExpatError: + msg = _("Invalid XML in request body") + return Fault(webob.exc.HTTPBadRequest(explanation=msg)) + except LookupError as e: + #NOTE(Vijaya Erukala): XML input such as + # <?xml version="1.0" encoding="TF-8"?> + # raises LookupError: unknown encoding: TF-8 + return Fault(webob.exc.HTTPBadRequest(explanation=unicode(e))) def _process_stack(self, request, action, action_args, content_type, body, accept): diff --git a/nova/tests/api/openstack/compute/test_servers.py b/nova/tests/api/openstack/compute/test_servers.py index b90866813..cc1c59304 100644 --- a/nova/tests/api/openstack/compute/test_servers.py +++ b/nova/tests/api/openstack/compute/test_servers.py @@ -959,6 +959,30 @@ class ServersControllerTest(test.TestCase): self.assertEqual(res_dict['server']['accessIPv4'], '0.0.0.0') self.assertEqual(res_dict['server']['accessIPv6'], 'beef::0123') + def test_update_server_invalid_xml_raises_lookup(self): + req = fakes.HTTPRequest.blank('/v2/fake/servers/%s' % FAKE_UUID) + req.method = 'PUT' + req.content_type = 'application/xml' + #xml request which raises LookupError + req.body = """<?xml version="1.0" encoding="TF-8"?> + <metadata + xmlns="http://docs.openstack.org/compute/api/v1.1" + key="Label"></meta>""" + res = req.get_response(fakes.wsgi_app()) + self.assertEqual(res.status_int, 400) + + def test_update_server_invalid_xml_raises_expat(self): + req = fakes.HTTPRequest.blank('/v2/fake/servers/%s' % FAKE_UUID) + req.method = 'PUT' + req.content_type = 'application/xml' + #xml request which raises ExpatError + req.body = """<?xml version="1.0" encoding="UTF-8"?> + <metadata + xmlns="http://docs.openstack.org/compute/api/v1.1" + key="Label"></meta>""" + res = req.get_response(fakes.wsgi_app()) + self.assertEqual(res.status_int, 400) + def test_update_server_name(self): self.stubs.Set(nova.db, 'instance_get', fakes.fake_instance_get(name='server_test')) |