On 05/12/12 02:45, David Lutterkort wrote: > On Tue, 2012-12-04 at 14:23 +0200, [email protected] wrote: >> From: marios <[email protected]> >> >> >> Signed-off-by: marios <[email protected]> >> --- >> server/lib/cimi/collections/addresses.rb | 2 +- >> server/lib/cimi/collections/credentials.rb | 2 +- >> server/lib/cimi/collections/machine_templates.rb | 2 +- >> server/lib/cimi/collections/machines.rb | 10 +++++----- >> server/lib/cimi/collections/network_ports.rb | 6 +++--- >> server/lib/cimi/collections/networks.rb | 8 ++++---- >> 6 files changed, 15 insertions(+), 15 deletions(-) > > I think what grab_content_type is doing is overly lenient - we should > reject requests that have a content-type other than application/xml or > application/json with a 415. Note that the comparison of the > Content-Type header with the above two values must be case-insensitive. >
ok - I added this more for personal comfort - like when I forgot to add the 'Content-Type' header to my cURL command. Digging a little deeper, the CIMI spec defers to RFC 2616 and looking at that Content-Type is a 'should' rather than a 'must'. I enforced the strict 'xml or json only' check by removing the call to 'guess_content_type' and raise a 415 appropriately. I also added the unit test (as part of part_4test.rb). Patches are at http://tracker.deltacloud.org/set/181 thanks, marios > David > >
