feat: Disable unknown JSON key and query parameter validation by commenting out respective checks.

main
Cizz22 4 months ago
parent 1500e40d3f
commit fdde5bdee3

@ -189,9 +189,9 @@ def inspect_json(obj, path="body", check_whitelist=True):
log.warning(f"Security violation: Forbidden JSON key detected: {path}.{key}")
raise HTTPException(status_code=422, detail="Invalid request parameters")
if check_whitelist and key not in ALLOWED_DATA_PARAMS:
log.warning(f"Security violation: Unknown JSON key detected: {path}.{key}")
raise HTTPException(status_code=422, detail="Invalid request parameters")
# if check_whitelist and key not in ALLOWED_DATA_PARAMS:
# log.warning(f"Security violation: Unknown JSON key detected: {path}.{key}")
# raise HTTPException(status_code=422, detail="Invalid request parameters")
# Recurse. If the key is a dynamic container, we stop whitelist checking for children.
should_check_subkeys = check_whitelist and (key not in DYNAMIC_KEYS)
@ -251,10 +251,10 @@ class RequestValidationMiddleware(BaseHTTPMiddleware):
raise HTTPException(status_code=422, detail="Invalid request parameters")
# Check for unknown query parameters
unknown_params = [key for key, _ in params if key not in ALLOWED_DATA_PARAMS]
if unknown_params:
log.warning(f"Security violation: Unknown query parameters detected: {unknown_params}")
raise HTTPException(status_code=422, detail="Invalid request parameters")
# unknown_params = [key for key, _ in params if key not in ALLOWED_DATA_PARAMS]
# if unknown_params:
# log.warning(f"Security violation: Unknown query parameters detected: {unknown_params}")
# raise HTTPException(status_code=422, detail="Invalid request parameters")
# -------------------------
# 2. Duplicate parameters

Loading…
Cancel
Save