0
0
Fork 0
mirror of https://github.com/matrix-org/dendrite synced 2024-12-17 19:53:44 +01:00
dendrite/clientapi
Andrew Morgan 33a1392541
Encode URLs properly (#728)
We were escaping the URL before performing any pattern matching on it.
This meant that if you sent data that URLdecoded to a "/", it would count as
a "/" in the URL, potentially causing a 404. This was causing some flaky tests
with some randomly-generated query parameters.

Now, we keep URLs encoded while doing the pattern matching, and only afterwards
do we URL decode each query parameter individually before passing them to their
respective handler functions.

github.com/gorilla/mux was also updated to v1.7.3 to fix a bug with URL encoding and subrouters.
2019-07-03 16:38:50 +01:00
..
auth Fix pipeline, emoji and syntax (#713) 2019-06-19 14:05:03 +01:00
consumers use go module for dependencies (#594) 2019-05-21 21:56:55 +01:00
httputil use go module for dependencies (#594) 2019-05-21 21:56:55 +01:00
jsonerror Fix pipeline, emoji and syntax (#713) 2019-06-19 14:05:03 +01:00
producers use go module for dependencies (#594) 2019-05-21 21:56:55 +01:00
routing Encode URLs properly (#728) 2019-07-03 16:38:50 +01:00
threepid use go module for dependencies (#594) 2019-05-21 21:56:55 +01:00
userutil use go module for dependencies (#594) 2019-05-21 21:56:55 +01:00
clientapi.go use go module for dependencies (#594) 2019-05-21 21:56:55 +01:00
README.md use go module for dependencies (#594) 2019-05-21 21:56:55 +01:00

This component roughly corresponds to "Client Room Send" and "Client Sync" on the WIRING diagram. This component produces multiple binaries.

Internals

  • HTTP routing is done using gorilla/mux and the routing paths are in the routing package.

Writers

  • Each HTTP "write operation" (/createRoom, /rooms/$room_id/send/$type, etc) is contained entirely to a single file in the writers package.
  • This file contains the request and response struct definitions, as well as a Validate() bool function to validate incoming requests.
  • The entry point for each write operation is a stand-alone function as this makes testing easier. All dependencies should be injected into this function, including server keys/name, etc.