This PR fixes two issues, increases the supported certificate version, adds more verbose messaging around errors, and also logs any external IP changes:
If cat is run on a non-utf8 encoded file, the server won't be able to parse the task results. The approach in this PR uses fallback encodings to see if we can decode the result with any other encodings, and if we can, re-encodes everything with utf8.
For my use cases, shift_jis and euc-jp are enough. The exact order and number of fallback encodings are up for debate and this could be a config option, so users who don't need the flexibility can disable it.
The download command gzips and encrypts the target file before uploading it to the server. Since encryption happens after compression, the request content is base64 instead of gzipped bytes. If we have the Content-Encoding: gzip header when the content is base64, services such as AWS Lambda where a request is fully parsed before getting passed to the backend, the request will fail with 415 Unsupported Media Type. Removing the Content-Encoding: gzip header fixes this issue.
An alternative would be reversing the compress/encrypt order, but compressing an encrypted blob would yield bigger file sizes.
The current server allows https connections from SSLv3 upwards. Rust clients can complain about this, and since we control both server and client, there's no need to support such old methods. This PR updates ssl_version to TLS 1.2.
Currently, it's difficult to debug why a request was rejected or where an exception occurred. I have increased the verbosity of all_exception_handler with a dump_debug_info_for_exception method and updated how notifyBadRequest works to give better guidance on why a request might have been rejected.
Logging changes in external ip address would allow better accounting, since as it is now, we'd only have access to the latest external ip.
This PR fixes two issues, increases the supported certificate version, adds more verbose messaging around errors, and also logs any external IP changes:
cat
is run on a non-utf8 encoded file, the server won't be able to parse the task results. The approach in this PR uses fallback encodings to see if we can decode the result with any other encodings, and if we can, re-encodes everything with utf8.For my use cases,
shift_jis
andeuc-jp
are enough. The exact order and number of fallback encodings are up for debate and this could be a config option, so users who don't need the flexibility can disable it.download
command gzips and encrypts the target file before uploading it to the server. Since encryption happens after compression, the request content is base64 instead of gzipped bytes. If we have theContent-Encoding: gzip
header when the content is base64, services such as AWS Lambda where a request is fully parsed before getting passed to the backend, the request will fail with 415 Unsupported Media Type. Removing theContent-Encoding: gzip
header fixes this issue.An alternative would be reversing the compress/encrypt order, but compressing an encrypted blob would yield bigger file sizes.
The current server allows https connections from SSLv3 upwards. Rust clients can complain about this, and since we control both server and client, there's no need to support such old methods. This PR updates
ssl_version
to TLS 1.2.Currently, it's difficult to debug why a request was rejected or where an exception occurred. I have increased the verbosity of
all_exception_handler
with adump_debug_info_for_exception
method and updated hownotifyBadRequest
works to give better guidance on why a request might have been rejected.Logging changes in external ip address would allow better accounting, since as it is now, we'd only have access to the latest external ip.