summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorJohn Christopher Anderson <jchris@apache.org>2010-07-20 01:04:22 +0000
committerJohn Christopher Anderson <jchris@apache.org>2010-07-20 01:04:22 +0000
commit9ebb79a24eecc2004a211b2475ffb7b34f31d138 (patch)
tree9b3f928568d142b8206d3d2d8a6d6e9f22c07278 /src
parent2f25ac7fb8fc46a45ec0e3e746a6104becff6ce6 (diff)
require application/json content-type in the remaining places where a POST has side-effects
git-svn-id: https://svn.apache.org/repos/asf/couchdb/branches/1.0.x@965702 13f79535-47bb-0310-9956-ffa450edef68
Diffstat (limited to 'src')
-rw-r--r--src/couchdb/couch_httpd_db.erl1
-rw-r--r--src/couchdb/couch_httpd_misc_handlers.erl3
-rw-r--r--src/couchdb/couch_httpd_view.erl2
-rw-r--r--src/couchdb/couch_rep.erl5
4 files changed, 9 insertions, 2 deletions
diff --git a/src/couchdb/couch_httpd_db.erl b/src/couchdb/couch_httpd_db.erl
index 783ed9f9..9cf8a3b4 100644
--- a/src/couchdb/couch_httpd_db.erl
+++ b/src/couchdb/couch_httpd_db.erl
@@ -242,6 +242,7 @@ db_req(#httpd{path_parts=[_DbName]}=Req, _Db) ->
send_method_not_allowed(Req, "DELETE,GET,HEAD,POST");
db_req(#httpd{method='POST',path_parts=[_,<<"_ensure_full_commit">>]}=Req, Db) ->
+ couch_httpd:validate_ctype(Req, "application/json"),
UpdateSeq = couch_db:get_update_seq(Db),
CommittedSeq = couch_db:get_committed_update_seq(Db),
{ok, StartTime} =
diff --git a/src/couchdb/couch_httpd_misc_handlers.erl b/src/couchdb/couch_httpd_misc_handlers.erl
index 205ebc6f..0a6f4a42 100644
--- a/src/couchdb/couch_httpd_misc_handlers.erl
+++ b/src/couchdb/couch_httpd_misc_handlers.erl
@@ -79,6 +79,7 @@ handle_task_status_req(Req) ->
send_method_not_allowed(Req, "GET,HEAD").
handle_replicate_req(#httpd{method='POST'}=Req) ->
+ couch_httpd:validate_ctype(Req, "application/json"),
PostBody = couch_httpd:json_body_obj(Req),
try couch_rep:replicate(PostBody, Req#httpd.user_ctx) of
{ok, {continuous, RepId}} ->
@@ -102,6 +103,7 @@ handle_replicate_req(Req) ->
handle_restart_req(#httpd{method='POST'}=Req) ->
+ couch_httpd:validate_ctype(Req, "application/json"),
ok = couch_httpd:verify_is_server_admin(Req),
couch_server_sup:restart_core_server(),
send_json(Req, 200, {[{ok, true}]});
@@ -189,6 +191,7 @@ handle_config_req(Req) ->
% httpd db handlers
increment_update_seq_req(#httpd{method='POST'}=Req, Db) ->
+ couch_httpd:validate_ctype(Req, "application/json"),
{ok, NewSeq} = couch_db:increment_update_seq(Db),
send_json(Req, {[{ok, true},
{update_seq, NewSeq}
diff --git a/src/couchdb/couch_httpd_view.erl b/src/couchdb/couch_httpd_view.erl
index 65aa364a..fc0c24a8 100644
--- a/src/couchdb/couch_httpd_view.erl
+++ b/src/couchdb/couch_httpd_view.erl
@@ -61,6 +61,7 @@ handle_view_req(#httpd{method='GET',
handle_view_req(#httpd{method='POST',
path_parts=[_, _, DName, _, ViewName]}=Req, Db, _DDoc) ->
+ couch_httpd:validate_ctype(Req, "application/json"),
{Fields} = couch_httpd:json_body_obj(Req),
case couch_util:get_value(<<"keys">>, Fields, nil) of
nil ->
@@ -77,6 +78,7 @@ handle_view_req(Req, _Db, _DDoc) ->
send_method_not_allowed(Req, "GET,POST,HEAD").
handle_temp_view_req(#httpd{method='POST'}=Req, Db) ->
+ couch_httpd:validate_ctype(Req, "application/json"),
ok = couch_db:check_is_admin(Db),
couch_stats_collector:increment({httpd, temporary_view_reads}),
{Props} = couch_httpd:json_body_obj(Req),
diff --git a/src/couchdb/couch_rep.erl b/src/couchdb/couch_rep.erl
index 3adfcb28..afad5406 100644
--- a/src/couchdb/couch_rep.erl
+++ b/src/couchdb/couch_rep.erl
@@ -657,8 +657,9 @@ ensure_full_commit(#http_db{headers = Headers} = Target) ->
Req = Target#http_db{
resource = "_ensure_full_commit",
method = post,
- headers = [{"content-type", "application/json"} | Headers]
+ headers = couch_util:proplist_apply_field({"Content-Type", "application/json"}, Headers)
},
+ ?LOG_ERROR("Req ~p",[Req]),
{ResultProps} = couch_rep_httpc:request(Req),
true = couch_util:get_value(<<"ok">>, ResultProps),
couch_util:get_value(<<"instance_start_time">>, ResultProps);
@@ -683,7 +684,7 @@ ensure_full_commit(#http_db{headers = Headers} = Source, RequiredSeq) ->
resource = "_ensure_full_commit",
method = post,
qs = [{seq, RequiredSeq}],
- headers = [{"content-type", "application/json"} | Headers]
+ headers = couch_util:proplist_apply_field({"Content-Type", "application/json"}, Headers)
},
{ResultProps} = couch_rep_httpc:request(Req),
case couch_util:get_value(<<"ok">>, ResultProps) of