From: Pieter Lexis Date: Mon, 27 Feb 2017 20:10:18 +0000 (+0100) Subject: dnsdist: Send a 404 on unknown API path X-Git-Tag: rec-4.1.0-alpha1~237^2 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=refs%2Fpull%2F5089%2Fhead;p=thirdparty%2Fpdns.git dnsdist: Send a 404 on unknown API path Before, a 401 would be sent for unknown API paths due to the strict checking. --- diff --git a/pdns/dnsdist-web.cc b/pdns/dnsdist-web.cc index 88084a06ac..ccecf1a48a 100644 --- a/pdns/dnsdist-web.cc +++ b/pdns/dnsdist-web.cc @@ -100,10 +100,7 @@ static bool compareAuthorization(YaHTTP::Request& req, const string &expected_pa /* if this is a request for the API, check if the API key is correct */ if (req.url.path=="/jsonstat" || - req.url.path=="/api/v1/servers/localhost" || - req.url.path=="/api/v1/servers/localhost/config" || - req.url.path=="/api/v1/servers/localhost/config/allow-from" || - req.url.path=="/api/v1/servers/localhost/statistics") { + req.url.path.find("/api/") == 0) { header = req.headers.find("x-api-key"); if (header != req.headers.end()) { auth_ok = (0==strcmp(header->second.c_str(), expectedApiKey.c_str())); diff --git a/regression-tests.dnsdist/test_API.py b/regression-tests.dnsdist/test_API.py index fd4a323812..cd4da7bab8 100644 --- a/regression-tests.dnsdist/test_API.py +++ b/regression-tests.dnsdist/test_API.py @@ -100,6 +100,15 @@ class TestAPIBasics(DNSDistTest): for key in ['id', 'queries']: self.assertTrue(frontend[key] >= 0) + def testServersIDontExist(self): + """ + API: /api/v1/servers/idontexist (should be 404) + """ + headers = {'x-api-key': self._webServerAPIKey} + url = 'http://127.0.0.1:' + str(self._webServerPort) + '/api/v1/servers/idontexist' + r = requests.get(url, headers=headers, timeout=self._webTimeout) + self.assertEquals(r.status_code, 404) + def testServersLocalhostConfig(self): """ API: /api/v1/servers/localhost/config