We use cookies to ensure you get the best experience on our website
首页 发现 帮助
注册 登录
0ct0pu5
/
desec-stack
1
0
派生 0
文件 工单管理 0 合并请求 0 Wiki
浏览代码

fix(api): disallow generic type format like TYPExxx

pdns would convert types like TYPE99 to the named ones (here: SPF),
but our API cannot do so without maintaining a mapping table that
depends on the pdns version. Currently, we would store two distinct
RRsets in our API database, corresponding to only one RRset in pdns.
Worse, if one RRset was deleted (along with the one on pdns), the
other would remain as an orphan.

The only usecase for this would be new types quickly gaining
popularity although pdns does not know them yet. In this case, we
can address the issue again.
Peter Thomassen 7 年之前
父节点
9ad740bd3d
当前提交
9d2f6b91f6
共有 2 个文件被更改,包括 5 次插入0 次删除
分列视图 显示文件统计
  1. 3 0
      api/desecapi/serializers.py
  2. 2 0
      test/e2e/spec/api_spec.js

+ 3 - 0
api/desecapi/serializers.py
查看文件 

@@ -176,6 +176,9 @@ class RRsetSerializer(BulkSerializerMixin, serializers.ModelSerializer):
 
         if value in RRset.RESTRICTED_TYPES:
 
             raise serializers.ValidationError(
 
                 "You cannot tinker with the %s RRset." % value)
 
+        if value.startswith('TYPE'):
 
+            raise serializers.ValidationError(
 
+                "Generic type format is not supported.")
 
         return value
 
 
     def to_representation(self, instance):

+ 2 - 0
test/e2e/spec/api_spec.js
查看文件 

@@ -246,6 +246,7 @@ describe("API", function () {
 
                                 {'subname': 'd.1', 'ttl': 50, 'type': 'AAAA'},
 
                                 {'subname': 'd.1', 'ttl': 50, 'type': 'SOA', 'records': ['ns1.desec.io. peter.desec.io. 2018034419 10800 3600 604800 60']},
 
                                 {'subname': 'd.1', 'ttl': 50, 'type': 'OPT', 'records': ['9999']},
 
+                                {'subname': 'd.1', 'ttl': 50, 'type': 'TYPE099', 'records': ['v=spf1 mx -all']},
 
                             ]
 
                         );
 
                         expect(response).to.have.status(400);
 
@@ -257,6 +258,7 @@ describe("API", function () {
 
                             { records: [ 'This field is required.' ] },
 
                             { type: [ 'You cannot tinker with the SOA RRset.' ] },
 
                             { type: [ 'You cannot tinker with the OPT RRset.' ] },
 
+                            { type: [ 'Generic type format is not supported.' ] },
 
                         ]);
 
 
                         return chakram.wait();

Contact | Legal | Takedown | Status
Self-hosted public services - About
NibbleSpot by 0ct0pu5