Style checks & security considerations added to setting description.

adb4a580 · l · cdbcfc2c · adb4a580 · adb4a580 · adb4a580
4 changed file
--- a/dbms/src/Common/ErrorCodes.cpp
+++ b/dbms/src/Common/ErrorCodes.cpp
@@ -453,9 +453,6 @@ namespace ErrorCodes
    extern const int WITH_TIES_WITHOUT_ORDER_BY = 476;
    extern const int INVALID_USAGE_OF_INPUT = 477;
    extern const int TOO_MANY_REDIRECTS = 478;
- 
-    extern const int KEEPER_EXCEPTION = 999;
-    extern const int POCO_EXCEPTION = 1000;

    extern const int KEEPER_EXCEPTION = 999;
    extern const int POCO_EXCEPTION = 1000;

--- a/dbms/src/Core/Settings.h
+++ b/dbms/src/Core/Settings.h
@@ -169,7 +169,7 @@ struct Settings : public SettingsCollection<Settings>
    \
    M(SettingBool, add_http_cors_header, false, "Write add http CORS header.") \
    \
-    M(SettingUInt64, max_http_get_redirects, 0, "Max number of http GET redirects hops allowed.") \
+    M(SettingUInt64, max_http_get_redirects, 0, "Max number of http GET redirects hops allowed. Make sure additional security measures are in place to prevent a malicious server to redirect your requests to unexpected services.") \
    \
    M(SettingBool, input_format_skip_unknown_fields, false, "Skip columns with unknown names from input data (it works for JSONEachRow, CSVWithNames, TSVWithNames and TSKV formats).") \
    M(SettingBool, input_format_with_names_use_header, false, "For TSVWithNames and CSVWithNames input formats this controls whether format parser is to assume that column data appear in the input exactly as they are specified in the header.") \

--- a/dbms/src/IO/HTTPCommon.cpp
+++ b/dbms/src/IO/HTTPCommon.cpp
@@ -224,15 +224,11 @@ std::istream * receiveResponse(
    auto istr = &session.receiveResponse(response);
    auto status = response.getStatus();

-    if (
-        ( request.getMethod() == Poco::Net::HTTPRequest::HTTP_GET) &&  //  we only accepts redirects on GET requests.
-        (status == Poco::Net::HTTPResponse::HTTP_MOVED_PERMANENTLY  || // 301
-            status == Poco::Net::HTTPResponse::HTTP_FOUND || // 302
-            status == Poco::Net::HTTPResponse::HTTP_SEE_OTHER  || // 303
-            status == Poco::Net::HTTPResponse::HTTP_TEMPORARY_REDIRECT) // 307
-        )  {
+    if ( ( request.getMethod() == Poco::Net::HTTPRequest::HTTP_GET ) && (status == Poco::Net::HTTPResponse::HTTP_MOVED_PERMANENTLY  || status == Poco::Net::HTTPResponse::HTTP_FOUND || status == Poco::Net::HTTPResponse::HTTP_SEE_OTHER  || status == Poco::Net::HTTPResponse::HTTP_TEMPORARY_REDIRECT) )
        throw Poco::URIRedirection(response.get("Location"));
-    } else if (status != Poco::Net::HTTPResponse::HTTP_OK)    {
+
+    if (status != Poco::Net::HTTPResponse::HTTP_OK)    
+    {
        std::stringstream error_message;
        error_message << "Received error from remote server " << request.getURI() << ". HTTP status code: " << status << " "
                      << response.getReason() << ", body: " << istr->rdbuf();

--- a/dbms/src/IO/ReadWriteBufferFromHTTP.cpp
+++ b/dbms/src/IO/ReadWriteBufferFromHTTP.cpp
@@ -6,35 +6,36 @@ namespace DB

 namespace ErrorCodes
 {
-	extern const int TOO_MANY_REDIRECTS; 
+    extern const int TOO_MANY_REDIRECTS; 
 }


 std::unique_ptr<DB::ReadWriteBufferFromHTTP> makeReadWriteBufferFromHTTP(const Poco::URI & uri,
-	const std::string & method,
-	std::function<void(std::ostream &)> callback,
-	const DB::ConnectionTimeouts & timeouts,
-	const DB::SettingUInt64 max_redirects)
-	{
-		auto actual_uri =uri;
-		UInt64 redirects = 0;
-		
-		do 
-		{
-			try 
-			{
-				return std::make_unique<DB::ReadWriteBufferFromHTTP>(actual_uri, method, callback, timeouts);
-			} 
-			catch (Poco::URIRedirection & exc) {
-				redirects++;
-				actual_uri = exc.uri();
-			}
-		} while(max_redirects>redirects);
-		
-		// too many redirects....
-		std::stringstream error_message;
-		error_message << "Too many redirects while trying to access " << uri.toString() ;
-		
-		throw Exception(error_message.str(), ErrorCodes::TOO_MANY_REDIRECTS);
-	}
+    const std::string & method,
+    std::function<void(std::ostream &)> callback,
+    const DB::ConnectionTimeouts & timeouts,
+    const DB::SettingUInt64 max_redirects)
+    {
+        auto actual_uri =uri;
+        UInt64 redirects = 0;
+        
+        do 
+        {
+            try 
+            {
+                return std::make_unique<DB::ReadWriteBufferFromHTTP>(actual_uri, method, callback, timeouts);
+            } 
+            catch (Poco::URIRedirection & exc) 
+            {
+                redirects++;
+                actual_uri = exc.uri();
+            }
+        } while(max_redirects>redirects);
+        
+        // too many redirects....
+        std::stringstream error_message;
+        error_message << "Too many redirects while trying to access " << uri.toString() ;
+        
+        throw Exception(error_message.str(), ErrorCodes::TOO_MANY_REDIRECTS);
+    }
 }
\ No newline at end of file