couchdb-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Filipe Manana (JIRA)" <j...@apache.org>
Subject [jira] Commented: (COUCHDB-558) Validate Content-MD5 request headers on uploads
Date Sun, 15 Nov 2009 10:37:39 GMT

    [ https://issues.apache.org/jira/browse/COUCHDB-558?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12778084#action_12778084
] 

Filipe Manana commented on COUCHDB-558:
---------------------------------------

Hi Paul,

I do agree.

Regarding the comment of fhe first bullet point "We should probably be checking the Content-MD5
before we process the request".

Isn't this the case? I mean, HandlerFun(Req) is invoked only if check_integrity() returns
{ok, _}. Also, if the check is successful, check_integrity returns a new #httpd record with
the req_body field set, therefore any subsequent calls to body() will use that new #httpd
record.

I'll change my code to follow your suggestions.
I'll submit another patch in a few days.

Thanks for the feedback

> Validate Content-MD5 request headers on uploads
> -----------------------------------------------
>
>                 Key: COUCHDB-558
>                 URL: https://issues.apache.org/jira/browse/COUCHDB-558
>             Project: CouchDB
>          Issue Type: Improvement
>          Components: Database Core, HTTP Interface
>            Reporter: Adam Kocoloski
>             Fix For: 0.11
>
>         Attachments: jira-couchdb-558-for-trunk-2nd-try.patch, jira-couchdb-558-for-trunk.patch
>
>
> We could detect in-flight data corruption if a client sends a Content-MD5 header along
with the data and Couch validates the MD5 on arrival.
> RFC1864 - The Content-MD5 Header Field
> http://www.faqs.org/rfcs/rfc1864.html

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Mime
View raw message