[
https://issues.apache.org/jira/browse/COUCHDB-558?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Filipe Manana updated COUCHDB-558:
----------------------------------
Attachment: jira-couchdb-558-7th-try-trunk.patch
I was doing an error in the previous patches: doing base64 decoding of the
received chunks in couch_stream.
As RFC 2616 (http://tools.ietf.org/html/rfc2616#section-14.15) says, the MD5
digest is calculated after any content encoding is applied to the body. In
Couch's case, the content encoding is base64 for the attachments, which is
implicit in case the "Content-Encoding: base64" header is missing in the
attachment upload request.
Therefore, this patch no longer modifies couch_stream.erl and is more
minimalistic now.
Feedback is welcome.
cheers
> Validate Content-MD5 request headers on uploads
> -----------------------------------------------
>
> Key: COUCHDB-558
> URL: https://issues.apache.org/jira/browse/COUCHDB-558
> Project: CouchDB
> Issue Type: Improvement
> Components: Database Core, HTTP Interface
> Reporter: Adam Kocoloski
> Fix For: 0.11
>
> Attachments: jira-couchdb-558-4th-try.patch,
> jira-couchdb-558-5th-try.patch, jira-couchdb-558-6th-try-trunk.patch,
> jira-couchdb-558-7th-try-trunk.patch,
> jira-couchdb-558-for-trunk-2nd-try.patch,
> jira-couchdb-558-for-trunk-3rd-try.patch, jira-couchdb-558-for-trunk.patch,
> run.tpl.patch
>
>
> We could detect in-flight data corruption if a client sends a Content-MD5
> header along with the data and Couch validates the MD5 on arrival.
> RFC1864 - The Content-MD5 Header Field
> http://www.faqs.org/rfcs/rfc1864.html
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
