couchdb-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Filipe Manana (JIRA)" <>
Subject [jira] Commented: (COUCHDB-558) Validate Content-MD5 request headers on uploads
Date Sun, 15 Nov 2009 10:37:39 GMT


Filipe Manana commented on COUCHDB-558:

Hi Paul,

I do agree.

Regarding the comment of fhe first bullet point "We should probably be checking the Content-MD5
before we process the request".

Isn't this the case? I mean, HandlerFun(Req) is invoked only if check_integrity() returns
{ok, _}. Also, if the check is successful, check_integrity returns a new #httpd record with
the req_body field set, therefore any subsequent calls to body() will use that new #httpd

I'll change my code to follow your suggestions.
I'll submit another patch in a few days.

Thanks for the feedback

> Validate Content-MD5 request headers on uploads
> -----------------------------------------------
>                 Key: COUCHDB-558
>                 URL:
>             Project: CouchDB
>          Issue Type: Improvement
>          Components: Database Core, HTTP Interface
>            Reporter: Adam Kocoloski
>             Fix For: 0.11
>         Attachments: jira-couchdb-558-for-trunk-2nd-try.patch, jira-couchdb-558-for-trunk.patch
> We could detect in-flight data corruption if a client sends a Content-MD5 header along
with the data and Couch validates the MD5 on arrival.
> RFC1864 - The Content-MD5 Header Field

This message is automatically generated by JIRA.
You can reply to this email to add a comment to the issue online.

View raw message