Browse Source

Merge pull request #1680 from Slamper/develop

Return 404 for unknown RPC endpoints
pull/1638/merge
Alexander Simmerl 7 years ago
committed by GitHub
parent
commit
1318bd18cd
No known key found for this signature in database GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 25 additions and 1 deletions
  1. +14
    -1
      rpc/lib/server/handlers.go
  2. +11
    -0
      rpc/lib/server/handlers_test.go

+ 14
- 1
rpc/lib/server/handlers.go View File

@ -32,7 +32,7 @@ func RegisterRPCFuncs(mux *http.ServeMux, funcMap map[string]*RPCFunc, cdc *amin
}
// JSONRPC endpoints
mux.HandleFunc("/", makeJSONRPCHandler(funcMap, cdc, logger))
mux.HandleFunc("/", handleInvalidJSONRPCPaths(makeJSONRPCHandler(funcMap, cdc, logger)))
}
//-------------------------------------
@ -153,6 +153,19 @@ func makeJSONRPCHandler(funcMap map[string]*RPCFunc, cdc *amino.Codec, logger lo
}
}
func handleInvalidJSONRPCPaths(next http.HandlerFunc) http.HandlerFunc {
return func(w http.ResponseWriter, r *http.Request) {
// Since the pattern "/" matches all paths not matched by other registered patterns we check whether the path is indeed
// "/", otherwise return a 404 error
if r.URL.Path != "/" {
http.NotFound(w, r)
return
}
next(w, r)
}
}
func mapParamsToArgs(rpcFunc *RPCFunc, cdc *amino.Codec, params map[string]json.RawMessage, argsOffset int) ([]reflect.Value, error) {
values := make([]reflect.Value, len(rpcFunc.argNames))
for i, argName := range rpcFunc.argNames {


+ 11
- 0
rpc/lib/server/handlers_test.go View File

@ -97,3 +97,14 @@ func TestRPCNotification(t *testing.T) {
require.Nil(t, err, "reading from the body should not give back an error")
require.Equal(t, len(blob), 0, "a notification SHOULD NOT be responded to by the server")
}
func TestUnknownRPCPath(t *testing.T) {
mux := testMux()
req, _ := http.NewRequest("GET", "http://localhost/unknownrpcpath", nil)
rec := httptest.NewRecorder()
mux.ServeHTTP(rec, req)
res := rec.Result()
// Always expecting back a 404 error
require.Equal(t, http.StatusNotFound, res.StatusCode, "should always return 404")
}

Loading…
Cancel
Save