Add metadata key validation and dot-segment path escaping

Author: alxgsv

metadata/service.go

@@ -7,6 +7,7 @@ import (
 	"fmt"
 	"io"
 	"net/http"
+	"net/url"
 
 	"github.com/uploadcare/uploadcare-go/v2/internal/config"
 	"github.com/uploadcare/uploadcare-go/v2/internal/svc"
@@ -57,10 +58,13 @@ func (s service) Get(
 	ctx context.Context,
 	fileUUID, key string,
 ) (data string, err error) {
+	if err = validateKey(key); err != nil {
+		return
+	}
 	err = s.svc.ResourceOp(
 		ctx,
 		http.MethodGet,
-		fmt.Sprintf("/files/%s/metadata/%s/", fileUUID, key),
+		metadataKeyPath(fileUUID, key),
 		nil,
 		&data,
 	)
@@ -72,10 +76,13 @@ func (s service) Set(
 	ctx context.Context,
 	fileUUID, key, value string,
 ) (data string, err error) {
+	if err = validateKey(key); err != nil {
+		return
+	}
 	err = s.svc.ResourceOp(
 		ctx,
 		http.MethodPut,
-		fmt.Sprintf("/files/%s/metadata/%s/", fileUUID, key),
+		metadataKeyPath(fileUUID, key),
 		stringBody(value),
 		&data,
 	)
@@ -87,10 +94,13 @@ func (s service) Delete(
 	ctx context.Context,
 	fileUUID, key string,
 ) (err error) {
+	if err = validateKey(key); err != nil {
+		return
+	}
 	err = s.svc.ResourceOp(
 		ctx,
 		http.MethodDelete,
-		fmt.Sprintf("/files/%s/metadata/%s/", fileUUID, key),
+		metadataKeyPath(fileUUID, key),
 		nil,
 		nil,
 	)
@@ -112,3 +122,22 @@ func (s stringBody) EncodeReq(req *http.Request) error {
 	req.ContentLength = int64(buf.Len())
 	return nil
 }
+
+func metadataKeyPath(fileUUID, key string) string {
+	return fmt.Sprintf(
+		"/files/%s/metadata/%s/",
+		fileUUID,
+		escapeKeyPathSegment(key),
+	)
+}
+
+func escapeKeyPathSegment(key string) string {
+	switch key {
+	case ".":
+		return "%2E"
+	case "..":
+		return "%2E%2E"
+	default:
+		return url.PathEscape(key)
+	}
+}

metadata/service_test.go

@@ -8,6 +8,7 @@ import (
 	"net/http"
 	"net/http/httptest"
 	"reflect"
+	"strings"
 	"testing"
 
 	"github.com/stretchr/testify/assert"
@@ -155,3 +156,123 @@ func TestGet_NotFound(t *testing.T) {
 	assert.Error(t, err)
 	assert.Contains(t, err.Error(), "404")
 }
+
+func TestKeyValidation(t *testing.T) {
+	t.Parallel()
+
+	tests := []struct {
+		name string
+		call func(Service) error
+	}{
+		{
+			name: "get rejects slash",
+			call: func(svc Service) error {
+				_, err := svc.Get(context.Background(), "test-uuid", "a/b")
+				return err
+			},
+		},
+		{
+			name: "set rejects empty",
+			call: func(svc Service) error {
+				_, err := svc.Set(context.Background(), "test-uuid", "", "value")
+				return err
+			},
+		},
+		{
+			name: "delete rejects too long",
+			call: func(svc Service) error {
+				err := svc.Delete(context.Background(), "test-uuid", strings.Repeat("a", 65))
+				return err
+			},
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			t.Parallel()
+
+			svc, srv := newTestService(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+				t.Fatalf("unexpected request: %s %s", r.Method, r.RequestURI)
+			}))
+			defer srv.Close()
+
+			err := tt.call(svc)
+			assert.ErrorIs(t, err, ErrInvalidKey)
+		})
+	}
+}
+
+func TestDotSegmentKeysAreEscaped(t *testing.T) {
+	t.Parallel()
+
+	tests := []struct {
+		name       string
+		method     string
+		key        string
+		wantURI    string
+		wantBody   string
+		call       func(Service, string) error
+		statusCode int
+	}{
+		{
+			name:       "get dot key",
+			method:     http.MethodGet,
+			key:        ".",
+			wantURI:    "/files/test-uuid/metadata/%2E/",
+			statusCode: http.StatusOK,
+			call: func(svc Service, key string) error {
+				_, err := svc.Get(context.Background(), "test-uuid", key)
+				return err
+			},
+		},
+		{
+			name:       "set dotdot key",
+			method:     http.MethodPut,
+			key:        "..",
+			wantURI:    "/files/test-uuid/metadata/%2E%2E/",
+			wantBody:   `"value"`,
+			statusCode: http.StatusOK,
+			call: func(svc Service, key string) error {
+				_, err := svc.Set(context.Background(), "test-uuid", key, "value")
+				return err
+			},
+		},
+		{
+			name:       "delete dot key",
+			method:     http.MethodDelete,
+			key:        ".",
+			wantURI:    "/files/test-uuid/metadata/%2E/",
+			statusCode: http.StatusNoContent,
+			call: func(svc Service, key string) error {
+				return svc.Delete(context.Background(), "test-uuid", key)
+			},
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			t.Parallel()
+
+			svc, srv := newTestService(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+				assert.Equal(t, tt.method, r.Method)
+				assert.Equal(t, tt.wantURI, r.RequestURI)
+
+				if tt.wantBody != "" {
+					body, err := io.ReadAll(r.Body)
+					assert.NoError(t, err)
+					assert.Equal(t, tt.wantBody, string(body))
+				}
+
+				w.Header().Set("Content-Type", "application/json")
+				w.WriteHeader(tt.statusCode)
+				if tt.statusCode != http.StatusNoContent {
+					json.NewEncoder(w).Encode("ok")
+				}
+			}))
+			defer srv.Close()
+
+			err := tt.call(svc, tt.key)
+			assert.NoError(t, err)
+		})
+	}
+}

metadata/validation.go

@@ -0,0 +1,20 @@
+package metadata
+
+import (
+	"errors"
+	"fmt"
+	"regexp"
+)
+
+var (
+	keyPattern = regexp.MustCompile(`^[-_.:A-Za-z0-9]{1,64}$`)
+	// ErrInvalidKey reports metadata keys that do not match the documented format.
+	ErrInvalidKey = errors.New("metadata key must match ^[-_.:A-Za-z0-9]{1,64}$")
+)
+
+func validateKey(key string) error {
+	if !keyPattern.MatchString(key) {
+		return fmt.Errorf("%w: %q", ErrInvalidKey, key)
+	}
+	return nil
+}