Enforce strict content-length validation; update documentation#15
Merged
Conversation
Add documentation about state-machine-based FSM parsing. Add reference to file management API in the configuration description.
Reject requests with HTTP 400 when a body is present in a GET request. Ensure that no body is sent in response to HEAD requests. Update docstrings and add inline comments for clarifciation about state machine behavior.
- add helper for incrementing content-length counter and validation, replacing individual content-length validation checks - add note about limitation in multipart parser, not supporting chunked encoding, preamble, and epilogue sections - add new test cases covering various edge cases for content-length validation - fix invalid content-length in test_http_file_server.py - fix the handling of trailing CRLF after closing boundary delimiter in multipart parsing; allow CRLF optionally
_TMP_DIR is normalized multiple times in the file server module, causing test failures when CWD is not the root directory.
Add examples based on curl for trying /files from a terminal.
Refinements: - enable garbage collection - rename test for bulk file uploads - separate functional tests based on feature flags New tests: - test if bulk upload works by validating uploaded files - test file access control enforced by the /files API
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This pull request delivers bug fixes and hardenings before the v0.7.0 release, as well as improved documentation and test coverage for file serving use cases.