Comment 20 for bug 1098307

Dan Prince (dan-prince) wrote : Re: unauthenticated POST to /tokens can fill up disk/logs

ayoung:

What specifically don't you like about these patches? All I'm doing is:

    Add size validations to token controller.

    Updates token controller so that it explicitly checks the max
    size of userId, username, tenantId, tenantname, token, and password
    before continuing with a request.

I don't see what is so bad about this? I've tested it manually and it certainly fixes the issue I describe up top.

---

Also, the request to /tokens we are talking about in this ticket is a POST where the body is really large (not the URL).
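
The kind of check the commit message above describes, as an added illustration that is not part of the comment, the patch, or Keystone's code. The limits, the function and exception names, and the assumed layout of the POST /tokens JSON body are all assumptions made for the example.

```python
# Added illustration; not Keystone's code. Limits and names are assumptions.
MAX_ID_OR_NAME = 64     # assumed limit for userId, username, tenantId, tenantName
MAX_PASSWORD = 4096     # assumed limit
MAX_TOKEN = 8192        # assumed limit

# Path into the (assumed) POST /tokens JSON body -> maximum length.
FIELD_LIMITS = {
    ("auth", "tenantId"): MAX_ID_OR_NAME,
    ("auth", "tenantName"): MAX_ID_OR_NAME,
    ("auth", "token", "id"): MAX_TOKEN,
    ("auth", "passwordCredentials", "userId"): MAX_ID_OR_NAME,
    ("auth", "passwordCredentials", "username"): MAX_ID_OR_NAME,
    ("auth", "passwordCredentials", "password"): MAX_PASSWORD,
}


class InvalidAuthField(ValueError):
    """Raised before any backend lookup or logging of the value."""


def _lookup(body, path):
    """Walk nested dicts; return None if any key on the path is absent."""
    node = body
    for key in path:
        if not isinstance(node, dict) or key not in node:
            return None
        node = node[key]
    return node


def validate_auth_sizes(body):
    """Reject oversized credential fields; return the names of fields checked."""
    checked = []
    for path, limit in FIELD_LIMITS.items():
        value = _lookup(body, path)
        if value is None:
            continue
        name = ".".join(path)
        if not isinstance(value, str):
            raise InvalidAuthField("%s must be a string" % name)
        if len(value) > limit:
            # Report only the field name and sizes, never the value itself,
            # so the rejection cannot bloat the logs either.
            raise InvalidAuthField("%s: %d chars exceeds limit %d"
                                   % (name, len(value), limit))
        checked.append(name)
    return checked
```
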