low level client functions should validate against pseudo-folder in container argument
Bug #1532991 reported by
clayg
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
python-swiftclient |
New
|
Undecided
|
Unassigned |
Bug Description
We've allowed the swift command line client perform uploads to pseudo-folders:
swift upload test/folder deleteme
and it's resulted in a number of bugs:
lp bug #1432734
lp bug #1478210
With those fixed in patch 263259 [1] - we've opened more:
lp bug #1532981
lp bug #1532988
To prevent future insanity we should make all the low-level client.py methods that take a container parameter raise ValueError if they contain a "/" instead of blindly slamming whatever crazy path we get from the client into the uri.
To post a comment you must log in.
There's a potential risk here introducing a backward incompatible change at the low level api too unfortunately (glance, horizon) [1] - although the flip side is we may prevent them from introducing the same kind of bug depending on if they more strictly validate their input that we apparently have?
It's possible the best we can do is a warning depending on how grievous we perceive the risk.
1. Thanks for the reminder @timburke!