Skip to content
This repository has been archived by the owner on Jul 13, 2023. It is now read-only.

Validate crypto headers #456

Closed
ghost opened this issue Apr 28, 2016 · 2 comments
Closed

Validate crypto headers #456

ghost opened this issue Apr 28, 2016 · 2 comments
Assignees
@jrconlin
Labels
enhancement p1
Milestone
PUSHSVC-0: quality

Comments

@ghost
Copy link

ghost commented Apr 28, 2016
edited by jrconlin
Loading

@jrconlin brings up a great point in #452 (comment):

They already have several significant hurdles to overcome (encryption, user data management, scaling) and then us rejecting their submission because they included characters that literally signify nothing would certainly put me into a foul mood.

We can also help developers by rejecting invalid or incomplete Encryption (and Content-Encoding) headers, like we already do for Crypto-Key. May as well reject early with an informative error instead of storing and delivering a message that the client will drop immediately.
@jrconlin
Copy link
Member

+1000

@jrconlin jrconlin added the ready label May 9, 2016
@bbangert bbangert added this to the PUSHSVC-0: quality milestone May 9, 2016
@bbangert
Copy link
Member

bbangert commented May 9, 2016

Depends on #379.

jrconlin added a commit that referenced this issue May 10, 2016
@jrconlin
bug: Normalize all tests to only use valid header values
bb69ca0 
Add primative header checking, and normalize tests to only send proper
header values (unless explicity checking for that).

Closes #456
jrconlin added a commit that referenced this issue May 10, 2016
@jrconlin
bug: Normalize all tests to only use valid header values
17ef694 
Add primative header checking, and normalize tests to only send proper
header values (unless explicity checking for that).

Closes #456
@bbangert bbangert self-assigned this Jun 30, 2016
@bbangert bbangert removed their assignment Jul 11, 2016
@jrconlin jrconlin added p1 and removed p2 labels Aug 8, 2016
jrconlin added a commit that referenced this issue Aug 12, 2016
@jrconlin
feat: Validate Encryption/C-Key headers in preflight
0c412a2 
Check the encryption headers to make sure they're roughly valid before
passing them on to the client.

Closes #456
@jrconlin jrconlin mentioned this issue Aug 12, 2016
Merged
@jrconlin jrconlin self-assigned this Aug 12, 2016
jrconlin added a commit that referenced this issue Aug 12, 2016
@jrconlin
feat: Validate Encryption/C-Key headers in preflight
0c27efc 
Check the encryption headers to make sure they're roughly valid before
passing them on to the client.

Closes #456
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@jrconlin jrconlin

Labels
enhancement p1
Projects
None yet
Milestone
PUSHSVC-0: quality
Development

No branches or pull requests
2 participants
@jrconlin @bbangert