Sanitize content hashes in archive methods

alephdata / servicelayer

Common interface definitions for aleph toolkit services and applications

MIT License

7 stars 5 forks source link

Sanitize content hashes in archive methods #175

Open tillprochaska opened 5 months ago

tillprochaska commented 5 months ago

Our content hashes are always hex digests and we should reject anything that contains non-hex characters. This raises an exception when trying to call archive methods with invalid content hashes.

You can test this in Aleph by installing serivcelayer from this branch:

pip uninstall servicelayer
pip install "servicelayer[google,amazon] @ git+https://github.com/alephdata/servicelayer.git@fix/validate-content-hash"

Don’t forget to restart the api container after doing this :)

tillprochaska commented 5 months ago

Probably need to also sanitize prefixes as well (e.g. in the path_prefix method).