Skip to content

Check content_length prior to parsing request data. #8

Description

@grosscol

Issue or current state

A number of requests imported from the UI flask application check the request data with request.get_json().
Recommendation in Flask documentation is to check content length prior to loading & parsing the request data.

Resolved when

Define a max length for the ui routes blueprint content bodies e.g. CONTENT_LEN_MAX = 65536

Replace existing checks for json content of a post request

if request.method == 'POST' and request.get_json():  

with type and length check before proceeding with request.get_json()

if request.method == 'POST' and  request.is_json and request.content_length < CONTENT_LEN_MAX:

Metadata

Metadata

Assignees

No one assigned

    Labels

    triageLanding area for issues discovered during development.

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions