This commit is contained in:
Javier Peletier
Anton Evangelatov
parent
b35165555d
commit
36ca85fa1c
@ -484,7 +484,8 @@ func (s *Server) HandlePostFeed(w http.ResponseWriter, r *http.Request) {
|
||||
return
|
||||
}
|
||||
|
||||
if updateRequest.IsUpdate() {
|
||||
switch {
|
||||
case updateRequest.IsUpdate():
|
||||
// Verify that the signature is intact and that the signer is authorized
|
||||
// to update this feed
|
||||
// Check this early, to avoid creating a feed and then not being able to set its first update.
|
||||
@ -497,9 +498,8 @@ func (s *Server) HandlePostFeed(w http.ResponseWriter, r *http.Request) {
|
||||
respondError(w, r, err.Error(), http.StatusInternalServerError)
|
||||
return
|
||||
}
|
||||
}
|
||||
|
||||
if query.Get("manifest") == "1" {
|
||||
fallthrough
|
||||
case query.Get("manifest") == "1":
|
||||
// we create a manifest so we can retrieve feed updates with bzz:// later
|
||||
// this manifest has a special "feed type" manifest, and saves the
|
||||
// feed identification used to retrieve feed updates later
|
||||
@ -519,6 +519,8 @@ func (s *Server) HandlePostFeed(w http.ResponseWriter, r *http.Request) {
|
||||
fmt.Fprint(w, string(outdata))
|
||||
|
||||
w.Header().Add("Content-type", "application/json")
|
||||
default:
|
||||
respondError(w, r, "Missing signature in feed update request", http.StatusBadRequest)
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@ -333,15 +333,45 @@ func TestBzzFeed(t *testing.T) {
|
||||
}
|
||||
urlQuery = testUrl.Query()
|
||||
body = updateRequest.AppendValues(urlQuery) // this adds all query parameters
|
||||
goodQueryParameters := urlQuery.Encode() // save the query parameters for a second attempt
|
||||
|
||||
// create bad query parameters in which the signature is missing
|
||||
urlQuery.Del("signature")
|
||||
testUrl.RawQuery = urlQuery.Encode()
|
||||
|
||||
// 1st attempt with bad query parameters in which the signature is missing
|
||||
resp, err = http.Post(testUrl.String(), "application/octet-stream", bytes.NewReader(body))
|
||||
if err != nil {
|
||||
t.Fatal(err)
|
||||
}
|
||||
defer resp.Body.Close()
|
||||
if resp.StatusCode != http.StatusOK {
|
||||
t.Fatalf("Update returned %s", resp.Status)
|
||||
expectedCode := http.StatusBadRequest
|
||||
if resp.StatusCode != expectedCode {
|
||||
t.Fatalf("Update returned %s. Expected %d", resp.Status, expectedCode)
|
||||
}
|
||||
|
||||
// 2nd attempt with bad query parameters in which the signature is of incorrect length
|
||||
urlQuery.Set("signature", "0xabcd") // should be 130 hex chars
|
||||
resp, err = http.Post(testUrl.String(), "application/octet-stream", bytes.NewReader(body))
|
||||
if err != nil {
|
||||
t.Fatal(err)
|
||||
}
|
||||
defer resp.Body.Close()
|
||||
expectedCode = http.StatusBadRequest
|
||||
if resp.StatusCode != expectedCode {
|
||||
t.Fatalf("Update returned %s. Expected %d", resp.Status, expectedCode)
|
||||
}
|
||||
|
||||
// 3rd attempt, with good query parameters:
|
||||
testUrl.RawQuery = goodQueryParameters
|
||||
resp, err = http.Post(testUrl.String(), "application/octet-stream", bytes.NewReader(body))
|
||||
if err != nil {
|
||||
t.Fatal(err)
|
||||
}
|
||||
defer resp.Body.Close()
|
||||
expectedCode = http.StatusOK
|
||||
if resp.StatusCode != expectedCode {
|
||||
t.Fatalf("Update returned %s. Expected %d", resp.Status, expectedCode)
|
||||
}
|
||||
|
||||
// get latest update through bzz-feed directly
|
||||
|
||||
Loading…
Reference in New Issue
Block a user