commit f9820a25d38584fdcc9ffde44de6ec146b6de4fb
Author: Mike Fedosin <email address hidden>
Date: Mon Dec 8 16:22:05 2014 +0300
Add sort key validation in v2 api
Since v2 api has no sort key validation and the default
pagination check is used it's possible to request something
like /images?sort_key=_sa_class_manager, which causes an
inner SQL exception with 500 response code from the server.
This code validates input sort key and raises an exception
if the parameter is out of the supported keys list.
Reviewed: https:/ /review. openstack. org/139996 /git.openstack. org/cgit/ openstack/ glance/ commit/ ?id=f9820a25d38 584fdcc9ffde44d e6ec146b6de4fb
Committed: https:/
Submitter: Jenkins
Branch: master
commit f9820a25d38584f dcc9ffde44de6ec 146b6de4fb
Author: Mike Fedosin <email address hidden>
Date: Mon Dec 8 16:22:05 2014 +0300
Add sort key validation in v2 api
Since v2 api has no sort key validation and the default sort_key= _sa_class_ manager, which causes an
pagination check is used it's possible to request something
like /images?
inner SQL exception with 500 response code from the server.
This code validates input sort key and raises an exception
if the parameter is out of the supported keys list.
Closes-bug: 1400366
Change-Id: I0cf58ad198375a 2f6f58bd7820cbb 9d86003247a