8000 fix: improve validation on extension attribute (#502) · cloudevents/sdk-javascript@ea94a4d · GitHub
[go: up one dir, main page]
Skip to content

    • Commit ea94a4d

    Browse files
    lancelance
    authored
    fix: improve validation on extension attribute (#502)
    * fix: improve validation on extension attribute Fixes: #500 Adds a regular expression check to the attribute name validation code to ensure that attribute names only use a-z0-9 (except for `data_base64`, which apparently is an exception to the rule. Signed-off-by: Lance Ball <lball@redhat.com>
    1 parent 847f6bf commit ea94a4d

    File tree

    5 files changed

    +32
    -7
    lines changed

    5 files changed

    +32
    -7
    lines changed

    src/event/spec.ts

    Lines changed: 4 additions & 3 deletions
    Original file line numberDiff line numberDiff line change
    @@ -18,10 +18,11 @@ export function validateCloudEvent<T>(event: CloudEventV1<T>): boolean {
    1818
    } else {
    1919
    return false;
    2020
    }
    21-
    // attribute names must all be lowercase
    21+
    // attribute names must all be [a-z|0-9]
    22+
    const validation = /^[a-z0-9]+$/;
    2223
    for (const key in event) {
    23-
    if (key !== key.toLowerCase()) {
    24-
    throw new ValidationError(`invalid attribute name: ${key}`);
    24+
    if (validation.test(key) === false && key !== "data_base64") {
    25+
    throw new ValidationError(`invalid attribute name: "${key}"`);
    2526
    }
    2627
    }
    2728
    return true;

    test/integration/kafka_tests.ts

    Lines changed: 1 addition & 1 deletion
    Original file line numberDiff line numberDiff line change
    @@ -131,7 +131,7 @@ describe("Kafka transport", () => {
    131131
    expect(event.LUNCH).to.equal("tacos");
    132132
    expect(function () {
    133133
    event.validate();
    134-
    }).to.throw("invalid attribute name: LUNCH");
    134+
    }).to.throw("invalid attribute name: \"LUNCH\"");
    135135
    });
    136136

    137137
    it("Can detect CloudEvent binary Messages with weird versions", () => {

    test/integration/message_test.ts

    Lines changed: 16 additions & 2 deletions
    Original file line numberDiff line numberDiff line change
    @@ -41,7 +41,21 @@ const imageData = new Uint32Array(fs.readFileSync(path.join(process.cwd(), "test
    4141
    const image_base64 = asBase64(imageData);
    4242

    4343
    describe("HTTP transport", () => {
    44-
    44+
    it("validates extension attribute names for incoming messages", () => {
    45+
    // create a new Message
    46+
    const msg: Message = {
    47+
    headers: {
    48+
    "ce-id": "213",
    49+
    "ce-source": "test",
    50+
    "ce-type": "test",
    51+
    "ce-bad-extension": "value"
    52+
    },
    53+
    body: undefined
    54+
    };
    55+
    const evt = HTTP.toEvent(msg) as CloudEvent;
    56+
    expect(() => evt.validate()).to.throw(TypeError);
    57+
    });
    58+
    4559
    it("Includes extensions in binary mode when type is 'boolean' with a false value", () => {
    4660
    const evt = new CloudEvent({ source: "test", type: "test", extboolean: false });
    4761
    expect(evt.hasOwnProperty("extboolean")).to.equal(true);
    @@ -129,7 +143,7 @@ describe("HTTP transport", () => {
    129143
    expect(event.LUNCH).to.equal("tacos");
    130144
    expect(function () {
    131145
    event.validate();
    132-
    }).to.throw("invalid attribute name: LUNCH");
    146+
    }).to.throw("invalid attribute name: \"LUNCH\"");
    133147
    });
    134148

    135149
    it("Can detect CloudEvent binary Messages with weird versions", () => {

    test/integration/mqtt_tests.ts

    Lines changed: 1 addition & 1 deletion
    Original file line numberDiff line numberDiff line change
    @@ -134,7 +134,7 @@ describe("MQTT transport", () => {
    134134
    expect(event.LUNCH).to.equal("tacos");
    135135
    expect(function () {
    136136
    event.validate();
    137-
    }).to.throw("invalid attribute name: LUNCH");
    137+
    }).to.throw("invalid attribute name: \"LUNCH\"");
    138138
    });
    139139

    140140
    it("Can detect CloudEvent binary Messages with weird versions", () => {

    test/integration/spec_1_tests.ts

    Lines changed: 10 additions & 0 deletions
    Original file line numberDiff line numberDiff line change
    @@ -99,6 +99,16 @@ describe("CloudEvents Spec v1.0", () => {
    9999
    it("should be ok when the type is an string converted from an object", () => {
    100100
    expect(cloudevent.cloneWith({ objectextension: JSON.stringify({ some: "object" }) }).validate()).to.equal(true);
    101101
    });
    102+
    103+
    it("should only allow a-z|0-9 in the attribute names", () => {
    104+
    const testCases = [
    105+
    "an extension", "an_extension", "an-extension", "an.extension", "an+extension"
    106+
    ];
    107+
    testCases.forEach((testCase) => {
    108+
    const evt = cloudevent.cloneWith({ [testCase]: "a value"}, false);
    109+
    expect(() => evt.validate()).to.throw(ValidationError);
    110+
    });
    111+
    });
    102112
    });
    103113

    104114
    describe("The Constraints check", () => {

    0 commit comments

    Comments
     (0)
    0