[tor-bugs] #6708 [pyonionoo]: Pyonionoo returns code 500 for a few parameters
Tor Bug Tracker & Wiki
torproject-admin at torproject.org
Thu Sep 27 18:15:43 UTC 2012
#6708: Pyonionoo returns code 500 for a few parameters
--------------------------+-------------------------------------------------
Reporter: karsten | Owner: gsathya
Type: defect | Status: needs_revision
Priority: normal | Milestone:
Component: pyonionoo | Version:
Resolution: | Keywords:
Parent: | Points:
Actualpoints: |
--------------------------+-------------------------------------------------
Comment(by karsten):
Replying to [comment:26 gsathya]:
> I was wondering about this as well. I tried a couple of test cases and
it seemed to work so I decided to leave it as such. But, it's definitely
better to be safe than sorry. This is much better.
Great!
> * The lookup parameter should accept only the full 40 char fingerprint
or hashed_fingerprint. It shouldn't work otherwise. This isn't explicitly
stated on the Onionoo spec, but this is how Onionoo behaves. (Change the
spec maybe?) Using {{{%% %s%%}}} makes it work with <40 char strings.
{{{%% %s}}} should fix it. We should also check the length in
handlers/arguments.py and return a 400 if it's <40 chars. Hmm, maybe we
should validate the other input lengths as well(like country). Possibly
make this a separate ticket?
You're right, the lookup parameter is only supposed to work for full
fingerprints of 40 hex characters. That's why the spec doesn't say
"beginning of a fingerprint" like it does for the search parameter. I
made that more explicit though.
But we shouldn't change the `"%% %s%%"` part, because that would break
looking up the first fingerprint in the lookup field. We should rather
check that the parameter is 40 chars long before running the database
query.
Would you mind adding that check, and a similar check for the country
parameter? (I'm pretty much hosed with other stuff at the moment, and I
don't want you to block on me until I have free cycles again. Thanks!)
By the way, I hope that we'll have an easier time spotting and fixing
these bugs once we have good tests available.
> * I don't see why hashed_fingerprint and fingerprint need to be case
insensitive anymore.
You're right, that's not necessary anymore. Mind changing it back?
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/6708#comment:28>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list