[
https://issues.apache.org/jira/browse/COUCHDB-558?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12778084#action_12778084
]
Filipe Manana commented on COUCHDB-558:
---------------------------------------
Hi Paul,
I do agree.
Regarding the comment of fhe first bullet point "We should probably be checking
the Content-MD5 before we process the request".
Isn't this the case? I mean, HandlerFun(Req) is invoked only if
check_integrity() returns {ok, _}. Also, if the check is successful,
check_integrity returns a new #httpd record with the req_body field set,
therefore any subsequent calls to body() will use that new #httpd record.
I'll change my code to follow your suggestions.
I'll submit another patch in a few days.
Thanks for the feedback
> Validate Content-MD5 request headers on uploads
> -----------------------------------------------
>
> Key: COUCHDB-558
> URL: https://issues.apache.org/jira/browse/COUCHDB-558
> Project: CouchDB
> Issue Type: Improvement
> Components: Database Core, HTTP Interface
> Reporter: Adam Kocoloski
> Fix For: 0.11
>
> Attachments: jira-couchdb-558-for-trunk-2nd-try.patch,
> jira-couchdb-558-for-trunk.patch
>
>
> We could detect in-flight data corruption if a client sends a Content-MD5
> header along with the data and Couch validates the MD5 on arrival.
> RFC1864 - The Content-MD5 Header Field
> http://www.faqs.org/rfcs/rfc1864.html
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
