Skip to content

Commit

Permalink
fix(search): increase max query param length
Browse files Browse the repository at this point in the history
  • Loading branch information
Stefan committed Apr 7, 2024
1 parent bcd497a commit 0d28e17
Show file tree
Hide file tree
Showing 2 changed files with 19 additions and 21 deletions.
11 changes: 6 additions & 5 deletions backend/src/main/java/com/github/binpastes/paste/api/PasteController.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -87,14 +87,15 @@ public Mono<ListView> findPastes() {
public Mono<SearchView> searchPastes(
@RequestParam("term")
@NotBlank
@Pattern(regexp = "[\\pL\\pN\\p{P}\\s]{3,25}")
@Pattern(regexp = "[\\p{L}\\p{N}\\p{P}\\s]{3,50}")
final String term,
final ServerHttpResponse response
) {
response.getHeaders().setCacheControl(CacheControl.maxAge(60, TimeUnit.SECONDS));
var decodedTerm = URLDecoder.decode(term, Charset.defaultCharset());
response.getHeaders().setCacheControl(CacheControl.maxAge(1, TimeUnit.MINUTES));
return pasteService
.findByFullText(URLDecoder.decode(term, Charset.defaultCharset()))
.map(paste -> SearchItemView.of(paste, term))
.findByFullText(decodedTerm)
.map(paste -> SearchItemView.of(paste, decodedTerm))
.collectList()
.map(SearchView::of);
}
Expand Down Expand Up @@ -123,7 +124,7 @@ public void deletePaste(@PathVariable("pasteId") String pasteId, ServerHttpReque
@ExceptionHandler({ConstraintViolationException.class, WebExchangeBindException.class})
@ResponseStatus(HttpStatus.BAD_REQUEST)
private void handleValidationException(RuntimeException e) {
log.info("Received invalid request: {}", e.getClass().getSimpleName());
log.info("Received invalid request [{}]: {}", e.getClass().getSimpleName(), e.getMessage());
}

private static String remoteAddress(ServerHttpRequest request) {
Expand Down
29 changes: 13 additions & 16 deletions backend/src/test/java/com/github/binpastes/paste/api/PasteControllerTest.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -58,24 +58,12 @@ void listPastes() {
.uri("/api/v1/paste")
.exchange()
.expectStatus().isOk()
.expectHeader().cacheControl(CacheControl.empty())
.expectBody().jsonPath("pastes", emptyList());
}

@Test
@DisplayName("GET /search - set cache header")
void searchPastes() {
doReturn(Flux.empty()).when(pasteService).findByFullText(anyString());

webClient.get()
.uri("/api/v1/paste/search?term={term}", "foobar")
.exchange()
.expectStatus().isOk()
.expectHeader().cacheControl(CacheControl.maxAge(1, TimeUnit.MINUTES))
.expectBody().jsonPath("pastes", emptyList());
}

@Test
@DisplayName("GET /search - decode term parameter")
@DisplayName("GET /search - term parameter and cache header")
void searchPastesDecodesParameter() {
doReturn(Flux.empty()).when(pasteService).findByFullText(anyString());

Expand Down Expand Up @@ -121,7 +109,12 @@ private static Stream<Arguments> invalidPayloads() {
"content": "validContent",
}
"""))),
arguments(named("title too long", Mono.just("{\"content\": \"validContent\", \"title\": " + "X".repeat(256 + 1) + "\"}"))),
arguments(named("title too long", Mono.just("""
{
"title": "%s",
"content": "validContent",
}
""".formatted("X".repeat(256 + 1))))),
arguments(named("content blank", Mono.just("""
{
"content": " ",
Expand All @@ -132,7 +125,11 @@ private static Stream<Arguments> invalidPayloads() {
"content": "1234",
}
"""))),
arguments(named("content too long", Mono.just("{\"content\": \"" + "X".repeat(4096 + 1) + "\"}")))
arguments(named("content too long", Mono.just("""
{
"content": "%s",
}
""".formatted("X".repeat(4096 + 1)))))
);
}
}

0 comments on commit 0d28e17

Please sign in to comment.