Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(ws): reject invalid requests #139

Open
wants to merge 1 commit into
base: notebooks-v2
Choose a base branch
from
Open

feat(ws): reject invalid requests #139

wants to merge 1 commit into from

Conversation

Yael-F
Copy link

@Yael-F Yael-F commented Dec 2, 2024

Fixes #129 by implementing validation for names and namespaces.

Summary of Changes

Validation Enhancements:

Ensures names/namespaces extracted from URL parameters or request payloads are:

  • ASCII-compliant.
  • Within the allowed length (≤ 255 characters).

New Validation Module:
Introduced functions for validation:
NonASCIIValidator
LengthValidator
ValidateKubernetesResourceName

Handler Updates:
Applied validation to the following routes:
GET /workspacekind/:name
GET /workspaces/:namespace/:name
GET /workspaces/:namespace
POST /workspaces/:namespace

Testing:
Updated test files (workspaces_handler_test.go, workspacekinds_handler_test.go) to ensure unsupported fields trigger validation errors.

@google-oss-prow Google OSS Prow
Copy link

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by:
Once this PR has been reviewed and has the lgtm label, please assign kimwnasptd for approval. For more information see the Kubernetes Code Review Process.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@ederign
Copy link
Member

ederign commented Dec 4, 2024

@Yael-F can you please rebase this?

@Yael-F Yael-F force-pushed the request_validation branch 2 times, most recently from 5ec5d4d to 9ac71ad Compare December 5, 2024 23:06
@thesuperzapper thesuperzapper changed the title feat(backend): Reject invalid requests. feat(backend): reject invalid requests. Dec 11, 2024
@thesuperzapper thesuperzapper changed the title feat(backend): reject invalid requests. feat(ws): reject invalid requests Dec 11, 2024
ederign
ederign suggested changes Jan 13, 2025
View reviewed changes
Copy link
Member

@ederign ederign left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

just added a comment regarding the valid name. We will need to improve it!

workspaces/backend/api/validation.go Outdated

// NonASCIIValidator checks if a given string contains only ASCII characters.
func NonASCIIValidator(param string) error {
if utf8.ValidString(param) && len(param) == len([]rune(param)) {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@Yael-F when I was reviewing I wondered if the specification that we wrote is enough. I believe ValidString only validates if it's a valid utf8 string, but k8s resources needs to be:

  • Length: Must be 1-253 characters long.
    -Allowed Characters:
    • Must consist of:
    • Lowercase letters (a-z)
    • Numbers (0-9)
    • Hyphens (-)
    • Periods (.)
  • Start and End:
    • Must begin and end with an alphanumeric character (a-z or 0-9).

@thesuperzapper can you confirm?

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@ederign Thanks for the review, updated the code, if you can pls take a look

@ederign
Copy link
Member

ederign commented Jan 13, 2025

and @Yael-F sorry for the delay on this one. as you know, I was on a long pto! :)

@Yael-F Yael-F force-pushed the request_validation branch from 9ac71ad to 4712ee0 Compare January 16, 2025 12:19
@Yael-F Yael-F force-pushed the request_validation branch from 4712ee0 to a5c1b40 Compare January 16, 2025 14:51
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ederign ederign ederign requested changes

@kimwnasptd kimwnasptd Awaiting requested review from kimwnasptd

@thesuperzapper thesuperzapper Awaiting requested review from thesuperzapper

Assignees
No one assigned
Labels
size/L
Projects
Kubeflow Notebooks
Status: Needs Triage
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@Yael-F @ederign