[S] Change in pysim[master]: smdpp: verify request headers

Fri, 13 Jun 2025 12:08:22 -0700 

Hoernchen has uploaded this change for review. ( 
https://gerrit.osmocom.org/c/pysim/+/40466?usp=email )


Change subject: smdpp: verify request headers
......................................................................

smdpp: verify request headers

Change-Id: Ic1221bcb87a9975a013ab356266d3cb76d9241f1
---
M osmo-smdpp.py
1 file changed, 11 insertions(+), 2 deletions(-)



  git pull ssh://gerrit.osmocom.org:29418/pysim refs/changes/66/40466/1

diff --git a/osmo-smdpp.py b/osmo-smdpp.py
index 5baa154..74863f3 100755
--- a/osmo-smdpp.py
+++ b/osmo-smdpp.py
@@ -61,6 +61,16 @@
     request.setHeader('Content-Type', 'application/json;charset=UTF-8')
     request.setHeader('X-Admin-Protocol', 'gsma/rsp/v2.1.0')

+def validate_request_headers(request: IRequest):
+    """Validate mandatory HTTP headers according to SGP.22."""
+    content_type = request.getHeader('Content-Type')
+    if not content_type or not content_type.startswith('application/json'):
+        raise ApiError('1.2.1', '2.1', 'Invalid Content-Type header')
+
+    admin_protocol = request.getHeader('X-Admin-Protocol')
+    if admin_protocol and not admin_protocol.startswith('gsma/rsp/v'):
+        raise ApiError('1.2.2', '2.1', 'Unsupported X-Admin-Protocol version')
+
 def build_status_code(subject_code: str, reason_code: str, subject_id: 
Optional[str], message: Optional[str]) -> Dict:
     r = {'subjectCode': subject_code, 'reasonCode': reason_code }
     if subject_id:
@@ -180,8 +190,7 @@
         functionality, such as JSON decoding/encoding and debug-printing."""
         @functools.wraps(func)
         def _api_wrapper(self, request: IRequest):
-            # TODO: evaluate User-Agent + X-Admin-Protocol header
-            # TODO: reject any non-JSON Content-type
+            validate_request_headers(request)

             content = json.loads(request.content.read())
             print("Rx JSON: %s" % json.dumps(content))

--
To view, visit https://gerrit.osmocom.org/c/pysim/+/40466?usp=email
To unsubscribe, or for help writing mail filters, visit 
https://gerrit.osmocom.org/settings?usp=email

Gerrit-MessageType: newchange
Gerrit-Project: pysim
Gerrit-Branch: master
Gerrit-Change-Id: Ic1221bcb87a9975a013ab356266d3cb76d9241f1
Gerrit-Change-Number: 40466
Gerrit-PatchSet: 1
Gerrit-Owner: Hoernchen <ew...@sysmocom.de>

Reply via email to