Actions
Refactor #3303
closedv2.py: Accept header handling is sketchy
Start date:
Due date:
% Done:
100%
Estimated time:
Platform Release:
2.15.1
Target Release - Crane:
Groomed:
No
Sprint Candidate:
No
Tags:
Pulp 2
Sprint:
Quarter:
Description
Docker engines typically present more than one Accept: header (usually three).
While they are three different lines in the HTTP header, they typically get combined as a single value, comma-separated.
Crane has a bunch of if/then/else logic that looks like:
accept_headers = request.headers.get('Accept')
schema2_mediatype = 'application/vnd.docker.distribution.manifest.v2+json'
manifest_list_mediatype = 'application/vnd.docker.distribution.manifest.list.v2+json'
if manifest_list_mediatype in accept_headers ...:
...
That is essentially the equivalent of evaluating:
"val1" in "val1, val2, val3"
and boils down to string matching.
I find it dangerous, because "val" in "val1, val2, val3" is also True.
It just so happens that the Docker engine is civilized enough to present the right values.
A much better solution would be something like:
accept_headers = accept_headers.split(",") if accept_headers else []
accept_headers = set(x.strip() for x in accept_headers)
Actions
Safer handling of Accept headers
closes #3303 https://pulp.plan.io/issues/3303