This is an automated email from the ASF dual-hosted git repository. rnewson pushed a commit to branch 404-for-extra-paths in repository https://gitbox.apache.org/repos/asf/couchdb.git
commit 1936f624284f7e3608f7b8df7276db12b5dd13c5 Author: Robert Newson <[email protected]> AuthorDate: Thu Feb 19 12:15:23 2026 +0000 Send 404 for /_all_dbs and /_dbs_info with extra path parts closes https://github.com/apache/couchdb/issues/5892 --- src/chttpd/src/chttpd_misc.erl | 12 ++++++++---- test/elixir/test/basics_test.exs | 15 +++++++++++++++ test/elixir/test/config/suite.elixir | 4 +++- 3 files changed, 26 insertions(+), 5 deletions(-) diff --git a/src/chttpd/src/chttpd_misc.erl b/src/chttpd/src/chttpd_misc.erl index c22a27b98..526aade5e 100644 --- a/src/chttpd/src/chttpd_misc.erl +++ b/src/chttpd/src/chttpd_misc.erl @@ -112,9 +112,11 @@ handle_utils_dir_req(#httpd{method = 'GET'} = Req, DocumentRoot) -> handle_utils_dir_req(Req, _) -> send_method_not_allowed(Req, "GET,HEAD"). -handle_all_dbs_req(#httpd{method = 'GET'} = Req) -> +handle_all_dbs_req(#httpd{method = 'GET', path_parts = [<<"_all_dbs">>]} = Req) -> handle_all_dbs_info_req(Req); -handle_all_dbs_req(Req) -> +handle_all_dbs_req(#httpd{path_parts = [<<"_all_dbs">> | _]} = Req) -> + chttpd:send_error(Req, not_found); +handle_all_dbs_req(#httpd{path_parts = [<<"_all_dbs">>]} = Req) -> send_method_not_allowed(Req, "GET,HEAD"). handle_all_dbs_info_req(Req) -> @@ -170,9 +172,9 @@ all_dbs_info_callback({error, Reason}, #vacc{resp = Resp0} = Acc) -> {ok, Resp1} = chttpd:send_delayed_error(Resp0, Reason), {ok, Acc#vacc{resp = Resp1}}. -handle_dbs_info_req(#httpd{method = 'GET'} = Req) -> +handle_dbs_info_req(#httpd{method = 'GET', path_parts = [<<"_dbs_info">>]} = Req) -> handle_all_dbs_info_req(Req); -handle_dbs_info_req(#httpd{method = 'POST'} = Req) -> +handle_dbs_info_req(#httpd{method = 'POST', path_parts = [<<"_dbs_info">>]} = Req) -> chttpd:validate_ctype(Req, "application/json"), Props = chttpd:json_body_obj(Req), Keys = couch_mrview_util:get_view_keys(Props), @@ -209,6 +211,8 @@ handle_dbs_info_req(#httpd{method = 'POST'} = Req) -> ), send_chunk(Resp, "]"), chttpd:end_json_response(Resp); +handle_dbs_info_req(#httpd{path_parts = [<<"_dbs_info">> | _]} = Req) -> + chttpd:send_error(Req, not_found); handle_dbs_info_req(Req) -> send_method_not_allowed(Req, "GET,HEAD,POST"). diff --git a/test/elixir/test/basics_test.exs b/test/elixir/test/basics_test.exs index 21eb77bcf..a76510a13 100644 --- a/test/elixir/test/basics_test.exs +++ b/test/elixir/test/basics_test.exs @@ -388,4 +388,19 @@ defmodule BasicsTest do resp = Couch.get("/", headers: ["X-Couch-Request-ID": uuid]) assert resp.headers["X-Couch-Request-ID"] == uuid end + + @tag + test "_all_dbs/_all_docs is not found", _context do + resp = Couch.get("/_all_dbs/_all_docs") + assert resp.status_code == 404 + assert resp.body["error"] == "not_found" + end + + @tag + test "_dbs_info/_all_docs is not found", _context do + resp = Couch.get("/_dbs_info/_all_docs") + assert resp.status_code == 404 + assert resp.body["error"] == "not_found" + end + end diff --git a/test/elixir/test/config/suite.elixir b/test/elixir/test/config/suite.elixir index 81ed1e63d..4f494431b 100644 --- a/test/elixir/test/config/suite.elixir +++ b/test/elixir/test/config/suite.elixir @@ -81,7 +81,9 @@ "_all_docs POST error when multi-get is not a {'key': [...]} structure", "_bulk_docs POST error when body not an object", "oops, the doc id got lost in code nirwana", - "request ID can be specified at the client" + "request ID can be specified at the client", + "_all_dbs/_all_docs is not found", + "_dbs_info/_all_docs is not found" ], "BatchSaveTest": [ "batch post",
