http: Reject methods other than GET.
* src/cuirass/http.scm (url-handler): Check whether REQUEST's method is 'GET, and return 405 if not.
This commit is contained in:
parent
8b26874cac
commit
4558d1c869
|
@ -130,7 +130,10 @@
|
|||
(log-message "~a ~a" (request-method request)
|
||||
(uri-path (request-uri request)))
|
||||
|
||||
(match (request-path-components request)
|
||||
;; Reject OPTIONS, POST, etc.
|
||||
(match (if (eq? 'GET (request-method request))
|
||||
(request-path-components request)
|
||||
'method-not-allowed)
|
||||
(((or "jobsets" "specifications") . rest)
|
||||
(respond-json (object->json-string (car (db-get-specifications db)))))
|
||||
(("build" build-id)
|
||||
|
@ -182,6 +185,9 @@
|
|||
,@params
|
||||
(order submission-time)))))
|
||||
(respond-json-with-error 500 "Parameter not defined!"))))
|
||||
('method-not-allowed
|
||||
;; 405 "Method Not Allowed"
|
||||
(values (build-response #:code 405) #f db))
|
||||
(_
|
||||
(respond (build-response #:code 404)
|
||||
#:body (string-append "Resource not found: "
|
||||
|
|
|
@ -195,6 +195,10 @@
|
|||
(object->json-string build-query-result)
|
||||
json->scm)))
|
||||
|
||||
(test-equal "POST /build/1"
|
||||
405 ;Method Not Allowed
|
||||
(response-code (http-post (test-cuirass-uri "/build/1"))))
|
||||
|
||||
(test-equal "/build/1/log/raw"
|
||||
`(302 ,(string->uri-reference "/log/fake-1.0"))
|
||||
(let ((response (http-get (test-cuirass-uri "/build/1/log/raw"))))
|
||||
|
|
Loading…
Reference in New Issue