scouting: Make /sha256/ requests stricter Before this patch, requesting a file via its checksum only required the checksum itself. The path specified after the checksum was ignored. This meant that it was actually pretty easy to screw up the checksum with copy-paste errors. Signed-off-by: Philipp Schrader <philipp.schrader@gmail.com> Change-Id: I382ae36f3be3eb373e261186cf399b6316e5f21d

commit: 67fe6d0bb156a8b6350119222acd16d39328b44a [log] [tgz]
author: Philipp Schrader <philipp.schrader@gmail.com> Sat Apr 16 15:37:40 2022 -0700
committer: Philipp Schrader <philipp.schrader+971@gmail.com> Wed May 04 19:43:32 2022 -0700
tree: 26d3c407563bfb98e8fac6cf04a3cbfa81e04946
parent: 4b8b45baad91a40eb93bc5772e224522470c094d [diff] [blame]
diff --git a/scouting/webserver/static/static_test.go b/scouting/webserver/static/static_test.go
index 09ed940..1d036a0 100644
--- a/scouting/webserver/static/static_test.go
+++ b/scouting/webserver/static/static_test.go

@@ -92,6 +92,14 @@
 		t.Fatal("Failed to get data ", err)
 	}
 	expectEqual(t, resp.Status, "404 Not Found")
+
+	// Make a request with a valid checksum but invalid path and make sure
+	// we get a 400.
+	resp, err = http.Get("http://localhost:8080/sha256/553b9b29647a112136986cf93c57b988d1f12dc43d3b774f14a24e58d272dbff/not_root.txt")
+	if err != nil {
+		t.Fatal("Failed to get data ", err)
+	}
+	expectEqual(t, resp.Status, "400 Bad Request")
 }
 
 // Retrieves the data at the specified path. If an error occurs, the test case
commit	67fe6d0bb156a8b6350119222acd16d39328b44a	[log] [tgz]
author	Philipp Schrader <philipp.schrader@gmail.com>	Sat Apr 16 15:37:40 2022 -0700
committer	Philipp Schrader <philipp.schrader+971@gmail.com>	Wed May 04 19:43:32 2022 -0700
tree	26d3c407563bfb98e8fac6cf04a3cbfa81e04946
parent	4b8b45baad91a40eb93bc5772e224522470c094d [diff] [blame]