Warning: Can't synchronize with repository "(default)" (Unsupported version control system "svn": No module named svn). Look in the Trac log for more information.

Ticket #694 (closed defect: fixed)

Opened 11 years ago

Last modified 10 years ago

[PATCH] Strict controller parameters

Reported by: Claudio Martinez <martinezc@…> Owned by: anonymous
Priority: normal Milestone: 0.9a3
Component: TurboGears Version:
Severity: minor Keywords:
Cc:

Description

Unexpected keyword arguments never get to a controller or validator because they are cleared in the way by adapt_call. This function only leaves the parameters used by the controller.

This can cause many problems, for example if your controller has an optional keyword argument called limit and someone somewhere mistypes limit as linit, you would be using the default value. Depending on the situation, this can cost a lot of time.

When you enable tg.strict_parameters = True in app.cfg, passing unexpected arguments to a controller will raise an exception, just like a normal python function.

Attachments

strict_params.diff Download (1.5 KB) - added by Claudio Martinez <martinezc@…> 11 years ago.

Change History

Changed 11 years ago by Claudio Martinez <martinezc@…>

comment:1 Changed 11 years ago by anonymous

I think this should be a development-only setting, as it will make TG look really bad, if it doesn't handle malformed requests (arguments) gracefully.

comment:2 Changed 11 years ago by anonymous

It still should be an option for production servers. We can add an option to call another controller on failure like error_handler Anyway malformed requests shouldn't be happening on a production server, errors would raise from users doing things they shouldn't be doing. Personally, on systems were security is 300% important every last bit of information can help.

comment:3 Changed 11 years ago by simon

anonymous above was me.

We can add an option to call another controller on failure like error_handler

This is already possible via exception_handler().

Anyway malformed requests shouldn't be happening on a production server

It can be something as simple as pasting an incomplete link (with REST, path elements can in fact be arguments to a method).

Perhaps having it as a development-only setting is a bit harsh, but at least the default value should be flipped between development and production versions.

comment:4 Changed 11 years ago by simon

comment:5 Changed 11 years ago by kevin

We'll take this patch, but the default will be to have it on in dev.cfg and off in prod.cfg. (You can always turn it on in app.cfg and be done with it, if that's what you want.)

comment:6 Changed 11 years ago by kevin

  • Milestone set to 0.9a3

comment:7 Changed 11 years ago by kevin

  • Status changed from new to closed
  • Resolution set to fixed

committed in [1073]. Thanks, Claudio!

Note: See TracTickets for help on using tickets.