couchdb-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Filipe Manana (JIRA)" <>
Subject [jira] Updated: (COUCHDB-558) Validate Content-MD5 request headers on uploads
Date Sun, 22 Nov 2009 09:14:39 GMT


Filipe Manana updated COUCHDB-558:

    Attachment: jira-couchdb-558-7th-try-trunk.patch

I was doing an error in the previous patches: doing base64 decoding of the received chunks
in couch_stream. 

As RFC 2616 ( says, the MD5 digest is calculated
after any content encoding is applied to the body. In Couch's case, the content encoding is
base64 for the attachments, which is implicit in case the "Content-Encoding: base64" header
is missing in the attachment upload request.

Therefore, this patch no longer modifies couch_stream.erl and is more minimalistic now.

Feedback is welcome.


> Validate Content-MD5 request headers on uploads
> -----------------------------------------------
>                 Key: COUCHDB-558
>                 URL:
>             Project: CouchDB
>          Issue Type: Improvement
>          Components: Database Core, HTTP Interface
>            Reporter: Adam Kocoloski
>             Fix For: 0.11
>         Attachments: jira-couchdb-558-4th-try.patch, jira-couchdb-558-5th-try.patch,
jira-couchdb-558-6th-try-trunk.patch, jira-couchdb-558-7th-try-trunk.patch, jira-couchdb-558-for-trunk-2nd-try.patch,
jira-couchdb-558-for-trunk-3rd-try.patch, jira-couchdb-558-for-trunk.patch, run.tpl.patch
> We could detect in-flight data corruption if a client sends a Content-MD5 header along
with the data and Couch validates the MD5 on arrival.
> RFC1864 - The Content-MD5 Header Field

This message is automatically generated by JIRA.
You can reply to this email to add a comment to the issue online.

View raw message