This repository has been archived by the owner on Jul 13, 2023. It is now read-only.
feat: enforce strict crypto header checks #734
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
bbangert
force-pushed
the
feat/issue-188
branch
from
e2e4010 to
3eb6df9
Compare
|
+1 |
bbangert
force-pushed
the
feat/issue-188
branch
2 times, most recently
from
b2ef3fc to
3845d5a
Compare
bbangert
force-pushed
the
feat/issue-188
branch
4 times, most recently
from
c9ada09 to
adb4562
Compare
Current coverage is 100% (diff: 100%)@@ master #734 diff @@
====================================
Files 47 46 -1
Lines 9065 9156 +91
Methods 0 0
Messages 0 0
Branches 0 0
====================================
+ Hits 9065 9156 +91
Misses 0 0
Partials 0 0
|
bbangert
force-pushed
the
feat/issue-188
branch
from
adb4562 to
9137ad6
Compare
pjenvey
reviewed
Nov 16, 2016
| required=False, | ||
| load_from="encryption-key", | ||
| missing=None, | ||
| validate=lambda x: x is None, |
There was a problem hiding this comment.
What kind of validation error message does this produce (if an encryption-key's included)? If it's not very clear we might want to raise a specific InvalidRequest with a more helpful message.
Here's marshmallow's example for rejecting specific fields:
http://marshmallow.readthedocs.io/en/latest/extending.html#validating-original-input-data
| with assert_raises(InvalidRequest) as cm: | ||
| schema.load(data) | ||
|
|
||
| eq_(cm.exception.message, "Unknown Content-Encoding") |
There was a problem hiding this comment.
might as well check for the expected errno and maybe status_code here additionally
Explicitly verify the crypto headers are present and match either the 01 or 04 webpush encryption drafts. This also includes a refactor of the push schemas to remove the push_validation file. Closes #188
bbangert
force-pushed
the
feat/issue-188
branch
from
9137ad6 to
5a986d0
Compare
pjenvey
approved these changes
Nov 16, 2016
pjenvey
reviewed
Nov 16, 2016
| errno=110) | ||
|
|
||
| @validates_schema(pass_original=True) | ||
| def check_unknown_fields(self, data, original_data): |
There was a problem hiding this comment.
ah one more thing, let's clarify this method name. 'reject_encryption_key' would work
Explicitly verify the crypto headers are present and match either the 01 or 04 webpush encryption drafts. This also includes a refactor of the push schemas to remove the push_validation file. Closes #188
pjenvey
pushed a commit
that referenced
this pull request
Nov 16, 2016
* feat: enforce strict crypto header checks Explicitly verify the crypto headers are present and match either the 01 or 04 webpush encryption drafts. This also includes a refactor of the push schemas to remove the push_validation file. Closes #188
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Explicitly verify the crypto headers are present and match either the
01 or 04 webpush encryption drafts. This also includes a refactor of
the push schemas to remove the push_validation file.
Closes #188