Verify attachment names. They must be utf-8 (closes COUCHDB-280) and must not start with an underscore.

git-svn-id: https://svn.apache.org/repos/asf/couchdb/trunk@750695 13f79535-47bb-0310-9956-ffa450edef68

2 files changed, 88 insertions, 0 deletions

diff --git a/share/www/script/couch_tests.js b/share/www/script/couch_tests.js
index 67c3baed..64c366b6 100644
--- a/share/www/script/couch_tests.js
+++ b/share/www/script/couch_tests.js
@@ -41,6 +41,7 @@ loadTest("multiple_rows.js");
 loadTest("large_docs.js");
 loadTest("utf8.js");
 loadTest("attachments.js");
+loadTest("attachment_names.js");
 loadTest("attachment_paths.js");
 loadTest("attachment_views.js");
 loadTest("design_paths.js");
diff --git a/share/www/script/test/attachment_names.js b/share/www/script/test/attachment_names.js
new file mode 100644
index 00000000..802abc08
--- /dev/null
+++ b/share/www/script/test/attachment_names.js
@@ -0,0 +1,87 @@
+// Licensed under the Apache License, Version 2.0 (the "License"); you may not
+// use this file except in compliance with the License.  You may obtain a copy
+// of the License at
+//
+//   http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+// WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.  See the
+// License for the specific language governing permissions and limitations under
+// the License.
+
+couchTests.attatchment_names = function(debug) { 
+  var db = new CouchDB("test_suite_db"); 
+  db.deleteDb(); 
+  db.createDb(); 
+  if (debug) debugger; 
+
+  var binAttDoc = { 
+    _id: "bin_doc", 
+    _attachments:{ 
+      "foo\x80txt": { 
+        content_type:"text/plain", 
+        data: "VGhpcyBpcyBhIGJhc2U2NCBlbmNvZGVkIHRleHQ=" 
+      } 
+    } 
+  } 
+
+  // inline attachments
+  try {
+    db.save(binAttDoc);
+    TEquals(1, 2, "Attachment name with non UTF-8 encoding saved. Should never show!");
+  } catch (e) {
+    TEquals("bad_request", e.error, "attachment_name: inline attachments");
+    TEquals("Attachment name is not UTF-8 encoded", e.reason, "attachment_name: inline attachments");
+  }
+
+
+  // standalone docs
+  var bin_data = "JHAPDO*AU£PN ){(3u[d 93DQ9¡€])}    ææøo'∂ƒæ≤çæππ•¥∫¶®#†π¶®¥π€ª®˙π8np";
+  
+  var xhr = (CouchDB.request("PUT", "/test_suite_db/bin_doc3/attachment\x80txt", {
+    headers:{"Content-Type":"text/plain;charset=utf-8"},
+    body:bin_data
+  }));
+
+  var resp = JSON.parse(xhr.responseText);
+  TEquals(400, xhr.status, "attachment_name: standalone API");
+  TEquals("bad_request", resp.error, "attachment_name: standalone API");
+  TEquals("Attachment name is not UTF-8 encoded", resp.reason, "attachment_name: standalone API");
+
+
+  // bulk docs
+  var docs = { docs: [binAttDoc] };
+
+  var xhr = CouchDB.request("POST", "/test_suite_db/_bulk_docs", {
+    body: JSON.stringify(docs)
+  });
+
+  var resp = JSON.parse(xhr.responseText);
+  TEquals(400, xhr.status, "attachment_name: bulk docs");
+  TEquals("bad_request", resp.error, "attachment_name: bulk docs");
+  TEquals("Attachment name is not UTF-8 encoded", resp.reason, "attachment_name: bulk docs");
+
+
+  // leading underscores
+  var binAttDoc = { 
+    _id: "bin_doc2", 
+    _attachments:{ 
+      "_foo.txt": { 
+        content_type:"text/plain", 
+        data: "VGhpcyBpcyBhIGJhc2U2NCBlbmNvZGVkIHRleHQ=" 
+      } 
+    } 
+  } 
+
+  try {
+    db.save(binAttDoc);
+    TEquals(1, 2, "Attachment name with leading underscore saved. Should never show!");
+  } catch (e) {
+    TEquals("bad_request", e.error, "attachment_name: leading underscore");
+    TEquals("Attachment name can't start with '_'", e.reason, "attachment_name: leading underscore");
+  }  
+  
+  // todo: form uploads, waiting for cmlenz' test case for form uploads
+
+};