diff options
| author | Vladimir Dronnikov <[email protected]> | 2013-04-12 09:51:47 +0400 |
|---|---|---|
| committer | Vladimir Dronnikov <[email protected]> | 2013-04-12 14:58:08 +0400 |
| commit | 180143f9b2ec8f82db11a89485140b1a89c4f0df (patch) | |
| tree | bab15310b8b56dbbaf21dd6b95e519c11c7cca86 | |
| parent | fa31c8259572d467ed7e95926c7530f61f775559 (diff) | |
| download | cowboy-180143f9b2ec8f82db11a89485140b1a89c4f0df.tar.gz cowboy-180143f9b2ec8f82db11a89485140b1a89c4f0df.tar.bz2 cowboy-180143f9b2ec8f82db11a89485140b1a89c4f0df.zip | |
rest: reject incorrect content-type header
| -rw-r--r-- | src/cowboy_rest.erl | 9 | ||||
| -rw-r--r-- | test/http_SUITE.erl | 11 |
2 files changed, 17 insertions, 3 deletions
diff --git a/src/cowboy_rest.erl b/src/cowboy_rest.erl index 526f102..40baabb 100644 --- a/src/cowboy_rest.erl +++ b/src/cowboy_rest.erl @@ -776,9 +776,12 @@ accept_resource(Req, State, OnTrue) -> {CTA, Req2, HandlerState} -> CTA2 = [normalize_content_types(P) || P <- CTA], State2 = State#state{handler_state=HandlerState}, - {ok, ContentType, Req3} - = cowboy_req:parse_header(<<"content-type">>, Req2), - choose_content_type(Req3, State2, OnTrue, ContentType, CTA2) + case cowboy_req:parse_header(<<"content-type">>, Req2) of + {ok, ContentType, Req3} -> + choose_content_type(Req3, State2, OnTrue, ContentType, CTA2); + {error, badarg} -> + respond(Req2, State2, 415) + end end. %% The special content type '*' will always match. It can be used as a diff --git a/test/http_SUITE.erl b/test/http_SUITE.erl index e33e19a..14bba9c 100644 --- a/test/http_SUITE.erl +++ b/test/http_SUITE.erl @@ -54,6 +54,7 @@ -export([pipeline/1]). -export([pipeline_long_polling/1]). -export([rest_bad_accept/1]). +-export([rest_bad_content_type/1]). -export([rest_expires/1]). -export([rest_keepalive/1]). -export([rest_keepalive_post/1]). @@ -123,6 +124,7 @@ groups() -> pipeline, pipeline_long_polling, rest_bad_accept, + rest_bad_content_type, rest_expires, rest_keepalive, rest_keepalive_post, @@ -355,6 +357,7 @@ init_dispatch(Config) -> {"/echo/body_qs", http_handler_body_qs, []}, {"/param_all", rest_param_all, []}, {"/bad_accept", rest_simple_resource, []}, + {"/bad_content_type", rest_patch_resource, []}, {"/simple", rest_simple_resource, []}, {"/forbidden_post", rest_forbidden_resource, [true]}, {"/simple_post", rest_forbidden_resource, [false]}, @@ -879,6 +882,14 @@ rest_bad_accept(Config) -> Client), {ok, 400, _, _} = cowboy_client:response(Client2). +rest_bad_content_type(Config) -> + Client = ?config(client, Config), + {ok, Client2} = cowboy_client:request(<<"PATCH">>, + build_url("/bad_content_type", Config), + [{<<"content-type">>, <<"text/plain, text/html">>}], + <<"Whatever">>, Client), + {ok, 415, _, _} = cowboy_client:response(Client2). + rest_expires(Config) -> Client = ?config(client, Config), {ok, Client2} = cowboy_client:request(<<"GET">>, |