unquote params extracted from paths #680
Comments
pjenvey
added
bug
|
Tempted to say we could just fix bad bso_ids on the fly when we write them back out. That would save the scan costs and let bad records expire out naturally. It does run the risk of possibly breaking any client that is expecting a bad bso_id, though. |
|
The good news, according to @mhammond, is our browsers aren't going to hit this in practice. They tend to upload records via POST instead of PUT (which completely avoids the bug). I see the Hence why this never occurred during QA's testing. So we should fix this ASAP but probably don't need to worry much about garbage bso_ids. |
|
Added server-syncstorage#148 as this could really use an addition to the e2e tests |
|
I do think we should try scanning for garbage data, because otherwise it might just sit there forever. |
I'm not sure those records would expire naturally. Most records don't have an expire time, right? I feel like enforcing a stricter uuid format might be better in the long run so that the uuid is always in the same format? |
I'm all in favor of enforcing strict UUID formatting. I though all BSOs had some TTL associated with them. If not, we may want to consider adding one. |
|
I keep saying I will work on this but then I don't. I'm going to unassign myself for now. |
|
I can try taking a shot at this. |
Remove potential "{}" wrapper from bsoids and collection ids. (See original issue for details)
Test included.
Try sending in a sync request with a bso_id wrapped and URLencoded.
Closes #680
* bug: normalize id elements to remove potential wrap characters
* chore: Update vendored SDK to use protobuf 2.16.2
Remove potential "{}" wrapper from bsoids and collection ids. (See original issue for details)
Test included.
Try sending in a sync request with a bso_id wrapped and URLencoded.
Closes #680
The
extractorsmodule producesBsoParam,CollectionParamandHawkIdentifierfromextracted bits of the request path.
Our
<..>_from_pathmethods aren't unquoting path segments. E.g. a bso_id of "{password-id}" comes in asPUT /1.5/uid/storage/passwords/%7Bpassword-id%7D: we're incorrectly considering this abso_idof "%7Bpassword-id%7D" instead.This likely only affects bso_ids. collection_ids are restricted to
[a-zA-Z0-9._-]{1,32}and uids to[0-9]{1,10}(and we ensure uids match the hawk payload's, so there's no funny business there anyway). Whereas bso_ids allows any printable ascii character.We've likely written garbage bso_ids via PUT. Should we attempt to fix the garbage bso_ids in the db? It would require extensive scanning of our request logs to do correctly.
DELETEs against migrated data would unexpectedly 404, causing:
https://bugzilla.mozilla.org/show_bug.cgi?id=1640123#c2
The text was updated successfully, but these errors were encountered: