Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Rest _search endpoint accepts invalid json body #28995

Closed
jimczi opened this issue Mar 12, 2018 · 3 comments
Closed

Rest _search endpoint accepts invalid json body #28995

jimczi opened this issue Mar 12, 2018 · 3 comments
Labels
>bug :Search/Search Search-related issues that do not fall into other categories

Comments

@jimczi
Copy link
Contributor

jimczi commented Mar 12, 2018

This issue was first reported in #28985.
Any text after the last closing bracket is simply ignored by the request json parser. So for instance a request like:

{
  "query": {
          "term": {
            "ProductID": "one"
          }
  }
},
"field_after_last_bracket": {
}
}

... is accepted.
I don't know why we have this leniency which is why I am opening this issue as a bug.
@jimczi jimczi added >bug :Search/Search Search-related issues that do not fall into other categories labels Mar 12, 2018
@elasticmachine
Copy link
Collaborator

Pinging @elastic/es-search-aggs

@nikhilbarar
Copy link

Is this issue accepted?

@nik9000
Copy link
Member

nik9000 commented Mar 14, 2018

Is this issue accepted?

We consider it a real issue worth fixing, so, yeah.

jimczi added a commit to jimczi/elasticsearch that referenced this issue Apr 9, 2018
@jimczi
Fail _search request with trailing tokens
331064e 
This change validates that the `_search` request does not have trailing
tokens after the main object and fails the request with a parsing exception otherwise.

Closes elastic#28995
@jimczi jimczi mentioned this issue Apr 9, 2018
Merged
jimczi added a commit that referenced this issue Apr 11, 2018
@jimczi
Fail _search request with trailing tokens (#29428)
1b6d5e5 
This change validates that the `_search` request does not have trailing
tokens after the main object and fails the request with a parsing exception otherwise.

Closes #28995
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
>bug :Search/Search Search-related issues that do not fall into other categories
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@nik9000 @elasticmachine @jimczi @nikhilbarar