Input validation not firing for RoomController methods

gingeleski / cucumber-spring-security-tests

Cucumber/BDD security tests example for Java (Spring Boot API).

9 stars 8 forks source link

Closed gingeleski closed 4 years ago

gingeleski commented 6 years ago

In an issue apparently related to @PreAuthorize("IsAuthenticated()"), input validation is not working properly for RoomController.java.

Invalid inputs still get a 200 OK.

gingeleski commented 4 years ago

Need to confirm this is still an issue after #44 overhaul.

(I doubt it is, but needs a spot check.)

gingeleski commented 4 years ago

Confirmed input validation is active.

As just one example, I get an empty 400 Bad Request if I fire off the following request...

GET /api/rooms/NY_SYRACUSE_123SMITH_101_SHARE_3SOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOO HTTP/1.1