Skip to content

Commit

Permalink
Use safe JSON serialization for metadata upload. (bluesky#452)
Browse files Browse the repository at this point in the history
  • Loading branch information
danielballan authored Jun 14, 2023
1 parent af69257 commit 678cded
Show file tree
Hide file tree
Showing 2 changed files with 15 additions and 3 deletions.
12 changes: 12 additions & 0 deletions tiled/_tests/test_writing.py
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,7 @@
Persistent stores are being developed externally to the tiled package.
"""
from datetime import datetime

import dask.dataframe
import numpy
Expand Down Expand Up @@ -341,3 +342,14 @@ def test_metadata_revisions(tree):
assert len(ac.metadata_revisions[:]) == 1
with fail_with_status_code(404):
ac.metadata_revisions.delete_revision(1)


def test_metadata_with_unsafe_objects(tree):
with Context.from_app(build_app(tree)) as context:
client = from_context(context)
ac = client.write_array(
[1, 2, 3],
metadata={"date": datetime.now(), "array": numpy.array([1, 2, 3])},
)
ac.metadata
ac.read()
6 changes: 3 additions & 3 deletions tiled/client/context.py
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@
import msgpack

from .._version import get_versions
from ..utils import DictView, Sentinel
from ..utils import DictView, Sentinel, safe_json_dump
from .auth import (
DEFAULT_TOKEN_CACHE,
CannotRefreshAuthentication,
Expand Down Expand Up @@ -602,7 +602,7 @@ def post_json(self, path, content, params=None):
request = self.http_client.build_request(
"POST",
path,
json=content,
content=safe_json_dump(content),
# Submit CSRF token in both header and cookie.
# https://cheatsheetseries.owasp.org/cheatsheets/Cross-Site_Request_Forgery_Prevention_Cheat_Sheet.html#double-submit-cookie
headers={
Expand All @@ -622,7 +622,7 @@ def put_json(self, path, content):
request = self.http_client.build_request(
"PUT",
path,
json=content,
content=safe_json_dump(content),
# Submit CSRF token in both header and cookie.
# https://cheatsheetseries.owasp.org/cheatsheets/Cross-Site_Request_Forgery_Prevention_Cheat_Sheet.html#double-submit-cookie
headers={
Expand Down

0 comments on commit 678cded

Please sign in to comment.