h5serv icon indicating copy to clipboard operation
h5serv copied to clipboard
verified publisher icon HDFGroup

Overly strict sanity check on post() method of DatasetCollectionHandler

Open manor opened this issue 10 years ago • 1 comments

Given that it is now possible to post with ?host=datafile.root_domain, the test in line 2108:

        if self.request.uri != '/datasets':
           msg = "Method not Allowed: invalid datasets post request"
           log.info(msg)
           raise HTTPError(405, reason=msg)  # Method not allowed

is too strict since the suffix of the URI can legitimately be something other than /datasets...

manor avatar Sep 08 '15 12:09 manor

Right, I need to review all the url checking code for PUT/DELETE/POST requests.

For now, can you work around this by just passing the host as the host header? E.g.:

        headers = {'host': 'datafile.root_domain'}
        payload = {'type': 'H5T_IEEE_F32LE', 'shape': 10}
        req = self.endpoint + "/datasets"
        rsp = requests.post(req, data=json.dumps(payload), headers=headers)

jreadey avatar Sep 08 '15 17:09 jreadey