Apache
/
lucene
mirror of https://github.com/apache/lucene.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

SOLR-5517: Return HTTP error on POST requests with no Content-Type 

git-svn-id: https://svn.apache.org/repos/asf/lucene/dev/trunk@1547322 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
Ryan Ernst 2013-12-03 09:19:30 +00:00
parent d1085391c1
commit ce46fecc28
7 changed files with 43 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
solr/CHANGES.txt
View File

@ -218,6 +218,9 @@ Other Changes
* SOLR-5499: Log a warning if /get is not registered when using SolrCloud. * SOLR-5499: Log a warning if /get is not registered when using SolrCloud.
(Daniel Collins via shalin) (Daniel Collins via shalin)
* SOLR-5517: Return HTTP error on POST requests with no Content-Type.
(Ryan Ernst, Uwe Schindler)
================== 4.6.0 ================== ================== 4.6.0 ==================
Versions of Major Components Versions of Major Components

4
solr/core/src/java/org/apache/solr/handler/UpdateRequestHandler.java
View File

@ -75,7 +75,7 @@ public class UpdateRequestHandler extends ContentStreamHandlerBase {
type = stream.getContentType(); type = stream.getContentType();
} }
if( type == null ) { // Normal requests will not get here. if( type == null ) { // Normal requests will not get here.
throw new SolrException(ErrorCode.BAD_REQUEST, "Missing ContentType"); throw new SolrException(ErrorCode.UNSUPPORTED_MEDIA_TYPE, "Missing ContentType");
} }
int idx = type.indexOf(';'); int idx = type.indexOf(';');
if(idx>0) { if(idx>0) {
@ -83,7 +83,7 @@ public class UpdateRequestHandler extends ContentStreamHandlerBase {
} }
ContentStreamLoader loader = loaders.get(type); ContentStreamLoader loader = loaders.get(type);
if(loader==null) { if(loader==null) {
throw new SolrException(ErrorCode.BAD_REQUEST, "Unsupported ContentType: " throw new SolrException(ErrorCode.UNSUPPORTED_MEDIA_TYPE, "Unsupported ContentType: "
+type+ " Not in: "+loaders.keySet()); +type+ " Not in: "+loaders.keySet());
} }
if(loader.getDefaultWT()!=null) { if(loader.getDefaultWT()!=null) {

6
solr/core/src/java/org/apache/solr/handler/component/SearchHandler.java
View File

@ -22,9 +22,11 @@ import java.util.LinkedList;
import java.util.List; import java.util.List;
import org.apache.solr.common.SolrException; import org.apache.solr.common.SolrException;
import org.apache.solr.common.SolrException.ErrorCode;
import org.apache.solr.common.params.CommonParams; import org.apache.solr.common.params.CommonParams;
import org.apache.solr.common.params.ModifiableSolrParams; import org.apache.solr.common.params.ModifiableSolrParams;
import org.apache.solr.common.params.ShardParams; import org.apache.solr.common.params.ShardParams;
import org.apache.solr.common.util.ContentStream;
import org.apache.solr.core.CloseHook; import org.apache.solr.core.CloseHook;
import org.apache.solr.core.PluginInfo; import org.apache.solr.core.PluginInfo;
import org.apache.solr.core.SolrCore; import org.apache.solr.core.SolrCore;
@ -165,6 +167,10 @@ public class SearchHandler extends RequestHandlerBase implements SolrCoreAware ,
{ {
// int sleep = req.getParams().getInt("sleep",0); // int sleep = req.getParams().getInt("sleep",0);
// if (sleep > 0) {log.error("SLEEPING for " + sleep); Thread.sleep(sleep);} // if (sleep > 0) {log.error("SLEEPING for " + sleep); Thread.sleep(sleep);}
if (req.getContentStreams() != null && req.getContentStreams().iterator().hasNext()) {
throw new SolrException(ErrorCode.BAD_REQUEST, "Search requests cannot accept content streams");
}
ResponseBuilder rb = new ResponseBuilder(req, rsp, components); ResponseBuilder rb = new ResponseBuilder(req, rsp, components);
if (rb.requestInfo != null) { if (rb.requestInfo != null) {
rb.requestInfo.setResponseBuilder(rb); rb.requestInfo.setResponseBuilder(rb);

5
solr/core/src/java/org/apache/solr/servlet/SolrRequestParsers.java
View File

@ -680,7 +680,10 @@ public class SolrRequestParsers
if (ServletFileUpload.isMultipartContent(req)) { if (ServletFileUpload.isMultipartContent(req)) {
return multipart.parseParamsAndFillStreams(req, streams); return multipart.parseParamsAndFillStreams(req, streams);
} }
return raw.parseParamsAndFillStreams(req, streams); if (req.getContentType() != null) {
return raw.parseParamsAndFillStreams(req, streams);
}
throw new SolrException(ErrorCode.UNSUPPORTED_MEDIA_TYPE, "Must specify a Content-Type header with POST requests");
} }
throw new SolrException(ErrorCode.BAD_REQUEST, "Unsupported method: " + method + " for request " + req); throw new SolrException(ErrorCode.BAD_REQUEST, "Unsupported method: " + method + " for request " + req);
} }

11
solr/core/src/test/org/apache/solr/request/TestRemoteStreaming.java
View File

@ -27,6 +27,7 @@ import org.apache.solr.client.solrj.request.QueryRequest;
import org.apache.solr.client.solrj.response.QueryResponse; import org.apache.solr.client.solrj.response.QueryResponse;
import org.apache.solr.common.SolrException; import org.apache.solr.common.SolrException;
import org.apache.solr.common.SolrInputDocument; import org.apache.solr.common.SolrInputDocument;
import org.apache.solr.common.SolrException.ErrorCode;
import org.junit.AfterClass; import org.junit.AfterClass;
import org.junit.Before; import org.junit.Before;
import org.junit.BeforeClass; import org.junit.BeforeClass;
@ -103,14 +104,18 @@ public class TestRemoteStreaming extends SolrJettyTestBase {
return null; return null;
} }
/** Do a select query with the stream.url. Solr should NOT access that URL, and so the data should be there. */ /** Do a select query with the stream.url. Solr should fail */
@Test @Test
public void testNoUrlAccess() throws Exception { public void testNoUrlAccess() throws Exception {
SolrQuery query = new SolrQuery(); SolrQuery query = new SolrQuery();
query.setQuery( "*:*" );//for anything query.setQuery( "*:*" );//for anything
query.add("stream.url",makeDeleteAllUrl()); query.add("stream.url",makeDeleteAllUrl());
getSolrServer().query(query); try {
assertTrue(searchFindsIt());//still there getSolrServer().query(query);
fail();
} catch (SolrException se) {
assertSame(ErrorCode.BAD_REQUEST, ErrorCode.getErrorCode(se.code()));
}
} }
/** SOLR-3161 /** SOLR-3161

17
solr/core/src/test/org/apache/solr/servlet/SolrRequestParserTest.java
View File

@ -379,4 +379,21 @@ public class SolrRequestParserTest extends SolrTestCaseJ4 {
assertEquals("10.0.0.1", ((HttpServletRequest)solrReq.getContext().get("httpRequest")).getHeaders("X-Forwarded-For").nextElement()); assertEquals("10.0.0.1", ((HttpServletRequest)solrReq.getContext().get("httpRequest")).getHeaders("X-Forwarded-For").nextElement());
} }
public void testPostMissingContentType() throws Exception {
HttpServletRequest request = createMock(HttpServletRequest.class);
expect(request.getMethod()).andReturn("POST").anyTimes();
expect(request.getContentType()).andReturn(null).anyTimes();
expect(request.getQueryString()).andReturn(null).anyTimes();
replay(request);
SolrRequestParsers parsers = new SolrRequestParsers(h.getCore().getSolrConfig());
try {
parsers.parse(h.getCore(), "/select", request);
fail("should throw SolrException");
} catch (SolrException e) {
assertTrue(e.getMessage().startsWith("Must specify a Content-Type header with POST requests"));
assertEquals(415, e.code());
}
}
} }

1
solr/solrj/src/java/org/apache/solr/common/SolrException.java
View File

@ -42,6 +42,7 @@ public class SolrException extends RuntimeException {
FORBIDDEN( 403 ), FORBIDDEN( 403 ),
NOT_FOUND( 404 ), NOT_FOUND( 404 ),
CONFLICT( 409 ), CONFLICT( 409 ),
UNSUPPORTED_MEDIA_TYPE( 415 ),
SERVER_ERROR( 500 ), SERVER_ERROR( 500 ),
SERVICE_UNAVAILABLE( 503 ), SERVICE_UNAVAILABLE( 503 ),
UNKNOWN(0); UNKNOWN(0);