From aa65d9cb6ee28f9b2169824186a64c886ebbc66b Mon Sep 17 00:00:00 2001
From: Lloyd Hilaiel <lloyd@hilaiel.com>
Date: Tue, 10 Jul 2012 20:17:16 -0700
Subject: [PATCH] fix defects found in code review for improved api argument validation, issue #1526
---
 lib/wsapi.js | 3 --
 lib/wsapi/cert_key.js | 10 +++++-
 lib/wsapi/complete_reverify.js | 66 ----------------------------------
 3 files changed, 9 insertions(+), 70 deletions(-)
 delete mode 100644 lib/wsapi/complete_reverify.js
diff --git a/lib/wsapi.js b/lib/wsapi.js
index 2391db25e..cabedf038 100644
--- a/lib/wsapi.js
+++ b/lib/wsapi.js
@@ -265,9 +265,6 @@ exports.setup = function(options, app) {
 // set up the argument validator
 if (api.args) {
- if (Array.isArray(api.args)) {
- console.log("WARNING: you should update", operation, "it uses unvalidated arguments");
- }
 wsapis[operation].validate = validate(api.args);
 } else {
 wsapis[operation].validate = function(req,res,next) { next(); };
diff --git a/lib/wsapi/cert_key.js b/lib/wsapi/cert_key.js
index 51b4ea79d..71be5c629 100644
--- a/lib/wsapi/cert_key.js
+++ b/lib/wsapi/cert_key.js
@@ -37,8 +37,16 @@ exports.process = function(req, res) {
 // forward to the keysigner!
 var keysigner = urlparse(config.get('keysigner_url'));
 keysigner.path = '/wsapi/cert_key';
+
+ // parameter validation moves arguments from req.body to req.params,
+ // and removes them from req.body. This feature makes it impossible
+ // to use unvalidated params in your wsapi "process" function.
+ //
+ // http_forward, however, will only forward params in req.body
+ // or req.query. so we explicitly copy req.params to req.body
+ // to cause them to be forwarded.
 req.body = req.params;
- console.log('bid params', req.params);
+
 forward(keysigner, req, res, function(err) {
 if (err) {
 logger.error("error forwarding request to keysigner: " + err);
diff --git a/lib/wsapi/complete_reverify.js b/lib/wsapi/complete_reverify.js
deleted file mode 100644
index 6bd22253e..000000000
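Review bot: In lib/wsapi/cert_key.js the new comment says http_forward forwards params from req.body or req.query, but only `req.body = req.params;` is set before `forward(keysigner, req, res, ...)`, so nothing visible here constrains what arrives in the query string. Whether query values can still reach the keysigner unvalidated depends on http_forward and on the validator, neither of which is shown in this hunk. If they can, clearing it explicitly with `req.query = {};` next to the assignment would keep the forwarded set equal to the validated set; otherwise the comment should say why req.query is safe to leave alone. The body of exports.process starts and ends outside the hunk.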
--- a/lib/wsapi/complete_reverify.js
+++ /dev/null
@@ -1,66 +0,0 @@
-/* This Source Code Form is subject to the terms of the Mozilla Public
- * License, v. 2.0. If a copy of the MPL was not distributed with this
- * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
-
-const
-db = require('../db.js'),
-logger = require('../logging.js').logger,
-wsapi = require('../wsapi.js'),
-bcrypt = require('../bcrypt.js'),
-httputils = require('../httputils.js');
-
-exports.method = 'post';
-exports.writes_db = true;
-exports.authed = false;
-exports.args = {
- 'token': 'token',
- // NOTE: 'pass' is required when a user is not authenticated
- 'pass': {
- type: 'password',
- optional: true
- }
-};
-exports.i18n = false;
-
-exports.process = function(req, res) {
- // in order to complete an email re-verification, one of the following must be true:
- //
- // 1. you must already be authenticated as the user who initiated the verification
- // 2. you must provide the password of the initiator.
-
- db.authForVerificationSecret(req.params.token, function(err, initiator_hash, initiator_uid) {
- if (err) {
- logger.info("unknown verification secret: " + err);
- return wsapi.databaseDown(res, err);
- }
-
- if (req.session.userid === initiator_uid) {
- postAuthentication();
- } else if (typeof req.params.pass === 'string') {
- bcrypt.compare(req.params.pass, initiator_hash, function (err, success) {
- if (err) {
- logger.warn("max load hit, failing on auth request with 503: " + err);
- return httputils.serviceUnavailable(res, "server is too busy");
- } else if (!success) {
- return httputils.authRequired(res, "password mismatch");
- } else {
- postAuthentication();
- }
- });
- } else {
- return httputils.authRequired(res, "password required");
- }
-
- function postAuthentication() {
- db.completeReverify(req.params.token, function(e, email, uid) {
- if (e) {
- logger.warn("couldn't complete email verification: " + e);
- wsapi.databaseDown(res, e);
- } else {
- wsapi.authenticateSession(req.session, uid, 'password');
- res.json({ success: true });
- }
- });
- };
- });
-};
-- 
GitLab