Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Move request sanitization and upload disallowed out of file_upload #16032

Open
wants to merge 1 commit into
base: main
Choose a base branch
from

Conversation

dstufft
Copy link
Member

@dstufft dstufft commented May 31, 2024

This is extracting a (small) piece of #14716 out into it's own PR, with the overarching goal of making the file_upload endpoint easier to read and reason about what's happening.

There's no real functionality change here (except we move request sanitizing to happen prior to the read only checks, which was done primarily because while the current sanitizers and the current checks are wholly independent of each other, that might not always be the case, so we sanitize first.

Beyond that, all this means is that when reading the file_upload method, it's easier to gloss over these checks, as they're just decorators instead of being part of the method body.

This also means that the tests that test this functionality no longer need to do heavy weight things like setup databases and make DB queries, making our tests just a little bit faster.

@dstufft dstufft force-pushed the refactor-upload-redux branch from 71088d1 to 746ad57 Compare May 31, 2024 15:13
@dstufft dstufft force-pushed the refactor-upload-redux branch from 746ad57 to a19ac06 Compare May 31, 2024 16:12
@dstufft dstufft marked this pull request as ready for review May 31, 2024 16:27
@dstufft dstufft requested a review from a team as a code owner May 31, 2024 16:27
Copy link
Member

@miketheman miketheman left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nice extraction, it indeed does make the forklift a little easier to read.

I didn't think we used the decorator kwarg for view_config for anything other than HTTP header stuff (cache control, vary, etc) - but I don't see why it can't be as flexible for this kind of purpose either - it was a little surprising since it's the first time I'm really thinking about it.

Is there an advantage to having the implementation be a decorator pattern vs an inline function call? Does Pyramid handle this differently?

In any case, nothing blocking this from going forward, just my own curiosities.

# ref: https://github.com/pypi/warehouse/issues/2491
for field in set(request.POST) - {"content", "gpg_signature"}:
values = request.POST.getall(field)
if any(isinstance(value, cgi.FieldStorage) for value in values):
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thinking out loud - cgi is deprecated and going to be removed in 3.13 - are we still getting things coming in as FieldStorage instances? Might be good to insert a sentry message to try and track down if this is still happening. Not a merge blocker, but would be happy to re-review something like that.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants