authordaniel <dkinzler@wikimedia.org>2024-06-26 20:25:16 +0200
committerDaniel Kinzler <dkinzler@wikimedia.org>2024-06-28 11:10:07 +0000
commit89be6e0c9f899712ee50c5d28bb35777ad949129 (patch)
tree651dc04f52e04902bad3933826218f9469492373 /includes/Rest/Validator
parent1aa990f1725bf81caaf44527b9e778b5a8fe7e4d (diff)
REST: detect mismatching value types in json request
DEPLOY: watch the api-warning channel for misbehaving clients. We are now using TypeDef objects for validating fields in JSON request bodies. Since TypeDef was designed for use in the action API, it assumes that all client data is originally supplied as strings. These strings are parsed and converted to the appropriate type. But for JSON requests, we don't want that. If a field is defined to be a boolean, it should be required to be a boolean, not the string "yes" or "0". This adds an option to TypeDefs that triggers strict type checks for booleans and numbers. This option is enabled for all request types other than form data. For now, the check does not trigger a validation error. It just logs a warning. This allows us to assess how often clients would trigger this kind of error. The warnings are logged to the "api-warning" channel. Bug: T305973 Change-Id: I11e9e37af93bc3b9414eb77095e7cc0ce821a462
Diffstat (limited to 'includes/Rest/Validator')
-rw-r--r--includes/Rest/Validator/Validator.php20
1 files changed, 16 insertions, 4 deletions
diff --git a/includes/Rest/Validator/Validator.php b/includes/Rest/Validator/Validator.php
index efc20ce26cd7..cf262fe74903 100644
--- a/includes/Rest/Validator/Validator.php
+++ b/includes/Rest/Validator/Validator.php
@@ -15,6 +15,7 @@ use Wikimedia\Message\ListType;
use Wikimedia\Message\MessageValue;
use Wikimedia\ObjectFactory\ObjectFactory;
use Wikimedia\ParamValidator\ParamValidator;
+use Wikimedia\ParamValidator\TypeDef;
use Wikimedia\ParamValidator\TypeDef\BooleanDef;
use Wikimedia\ParamValidator\TypeDef\EnumDef;
use Wikimedia\ParamValidator\TypeDef\ExpiryDef;
@@ -222,10 +223,13 @@ class Validator {
* @see validateParams
* @see validateBody
* @param array[] $paramSettings Parameter settings.
+ * @param bool $enforceTypes $enforceTypes Whether the types of primitive values should
+ * be enforced. If set to false, parameters values are allowed to be
+ * strings.
* @return array Validated parameters
* @throws HttpException on validation failure
*/
- public function validateBodyParams( array $paramSettings ) {
+ public function validateBodyParams( array $paramSettings, bool $enforceTypes = true ) {
$validatedParams = [];
foreach ( $paramSettings as $name => $settings ) {
$source = $settings[Handler::PARAM_SOURCE] ?? 'body';
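Review bot: The new `@param` line repeats the parameter name (`$enforceTypes $enforceTypes`) and says the types "should be enforced", although the commit description states that for now a mismatch only produces a warning; suggest `@param bool $enforceTypes Whether primitive values (booleans, numbers) must arrive with the matching JSON type rather than as strings. A mismatch is currently only logged to the api-warning channel, not rejected (see T305973).` The new signature also carries no return type even though the docblock declares `@return array`; `public function validateBodyParams( array $paramSettings, bool $enforceTypes = true ): array {` would pin that, provided no subclass overrides the method with a looser return. The body of validateBodyParams continues past the end of this hunk.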
@@ -234,9 +238,17 @@ class Validator {
}
try {
- $validatedParams[$name] = $this->paramValidator->getValue( $name, $settings, [
- 'source' => $source,
- ] );
+ $validatedParams[ $name ] = $this->paramValidator->getValue(
+ $name,
+ $settings,
+ [
+ 'source' => $source,
+ // TODO: Replace this with OPT_ENFORCE_JSON_TYPES and
+ // remove support for OPT_LOG_BAD_TYPES (grep
+ // for T305973).
+ TypeDef::OPT_LOG_BAD_TYPES => $enforceTypes
+ ]
+ );
} catch ( ValidationException $e ) {
$msg = $e->getFailureMessage();
$wrappedMsg = new MessageValue(
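Review bot: `$enforceTypes` is wired to `TypeDef::OPT_LOG_BAD_TYPES`, so a caller passing `true` gets logging, not rejection: a boolean field sent as the string "0" is presumably still parsed and accepted as before, with only a warning on the api-warning channel, which the parameter name does not convey to readers of this call. The TODO should say so explicitly so nothing downstream relies on the name for strictness: `// OPT_LOG_BAD_TYPES only logs a primitive-type mismatch to the api-warning channel; the value is still accepted. Switch to OPT_ENFORCE_JSON_TYPES once clients are known to comply (T305973).` Anyone reading the log for this rollout should expect the entries to be the only signal that a client sent the wrong JSON type.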