Skip to content

Commit

Permalink
Remove returning the response body:
Browse files Browse the repository at this point in the history
In testing this was causing issues with
consumers of the provider using the error
string. Also, for security reasons we might
not want to return an arbitrary response body,
especially when it doesn't conform to the response
contract.

Signed-off-by: Jacob Weinstock <[email protected]>
  • Loading branch information
jacobweinstock committed Sep 19, 2023
1 parent f6a3401 commit 3216ab0
Show file tree
Hide file tree
Showing 2 changed files with 2 additions and 3 deletions.
3 changes: 1 addition & 2 deletions providers/rpc/http.go
Original file line number Diff line number Diff line change
Expand Up @@ -58,8 +58,7 @@ func (p *Provider) handleResponse(statusCode int, headers http.Header, body *byt
if statusCode != http.StatusOK {
return ResponsePayload{}, fmt.Errorf("unexpected status code: %d, response error(optional): %v", statusCode, res.Error)
}
example, _ := json.Marshal(ResponsePayload{ID: 123, Host: p.Host, Error: &ResponseError{Code: 1, Message: "error message"}})
return ResponsePayload{}, fmt.Errorf("failed to parse response: got: %q, error: %w, expected response json spec: %v", body.String(), err, string(example))
return ResponsePayload{}, fmt.Errorf("failed to parse response: %w", err)

Check warning on line 61 in providers/rpc/http.go

View check run for this annotation

Codecov / codecov/patch

providers/rpc/http.go#L61

Added line #L61 was not covered by tests
}
if statusCode != http.StatusOK {
return ResponsePayload{}, fmt.Errorf("unexpected status code: %d, response error(optional): %v", statusCode, res.Error)
Expand Down
2 changes: 1 addition & 1 deletion providers/rpc/rpc_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -124,7 +124,7 @@ func TestPowerStateGet(t *testing.T) {
shouldErr bool
url string
}{
"success": {},
"success": {powerState: "on"},
"unknown state": {shouldErr: true},
}

Expand Down

0 comments on commit 3216ab0

Please sign in to comment.