s3api: return 400 for invalid namespace query in REST table routes (#8296)

* s3api: reject invalid namespace query in REST table routes * s3api: expand namespace validation REST tests
2026-02-10 17:57:08 -08:00
parent 822dbed552
commit 5c365e7090
2 changed files with 118 additions and 7 deletions
--- a/weed/s3api/s3api_tables.go
+++ b/weed/s3api/s3api_tables.go
@@ -226,17 +226,16 @@ func parseOptionalIntParam(r *http.Request, name string) (int, error) {
 	return parsed, nil
 }

-func parseOptionalNamespace(r *http.Request, name string) []string {
+func parseOptionalNamespace(r *http.Request, name string) ([]string, error) {
 	value := r.URL.Query().Get(name)
 	if value == "" {
-		return nil
+		return nil, nil
 	}
 	parts, err := s3tables.ParseNamespace(value)
 	if err != nil {
-		glog.V(1).Infof("invalid namespace value for %s: %q: %v", name, value, err)
-		return nil
+		return nil, fmt.Errorf("invalid %s: %w", name, err)
 	}
-	return parts
+	return parts, nil
 }

 func parseRequiredNamespacePathParam(r *http.Request, name string) ([]string, error) {
@@ -412,13 +411,17 @@ func buildListTablesRequest(r *http.Request) (interface{}, error) {
 	if err != nil {
 		return nil, err
 	}
+	namespace, err := parseOptionalNamespace(r, "namespace")
+	if err != nil {
+		return nil, err
+	}
 	maxTables, err := parseOptionalIntParam(r, "maxTables")
 	if err != nil {
 		return nil, err
 	}
 	return &s3tables.ListTablesRequest{
 		TableBucketARN:    tableBucketARN,
-		Namespace:         parseOptionalNamespace(r, "namespace"),
+		Namespace:         namespace,
 		Prefix:            r.URL.Query().Get("prefix"),
 		ContinuationToken: r.URL.Query().Get("continuationToken"),
 		MaxTables:         maxTables,
@@ -433,7 +436,11 @@ func buildGetTableRequest(r *http.Request) (interface{}, error) {
 	}
 	if tableARN == "" {
 		req.TableBucketARN = query.Get("tableBucketARN")
-		req.Namespace = parseOptionalNamespace(r, "namespace")
+		namespace, err := parseOptionalNamespace(r, "namespace")
+		if err != nil {
+			return nil, err
+		}
+		req.Namespace = namespace
 		req.Name = query.Get("name")
 		if req.TableBucketARN == "" || len(req.Namespace) == 0 || req.Name == "" {
 			return nil, fmt.Errorf("either tableArn or (tableBucketARN, namespace, name) must be provided")
--- a/weed/s3api/s3api_tables_rest_validation_test.go
+++ b/weed/s3api/s3api_tables_rest_validation_test.go
@@ -0,0 +1,104 @@
+package s3api
+
+import (
+	"encoding/json"
+	"net/http"
+	"net/http/httptest"
+	"net/url"
+	"strings"
+	"testing"
+
+	"github.com/gorilla/mux"
+
+	"github.com/seaweedfs/seaweedfs/weed/s3api/s3tables"
+)
+
+const testTableBucketARN = "arn:aws:s3tables:us-east-1:123456789012:bucket/test-bucket"
+
+func TestBuildListTablesRequestRejectsInvalidNamespaceQuery(t *testing.T) {
+	testCases := []struct {
+		name      string
+		namespace string
+	}{
+		{name: "uppercase", namespace: "InvalidNamespace"},
+		{name: "hyphen", namespace: "invalid-ns"},
+		{name: "slash", namespace: "a/b"},
+	}
+
+	for _, tc := range testCases {
+		t.Run(tc.name, func(t *testing.T) {
+			req := httptest.NewRequest(http.MethodGet, "/tables?namespace="+url.QueryEscape(tc.namespace), nil)
+			req = mux.SetURLVars(req, map[string]string{"tableBucketARN": testTableBucketARN})
+
+			_, err := buildListTablesRequest(req)
+			if err == nil {
+				t.Fatalf("expected invalid namespace query to return an error")
+			}
+			if !strings.Contains(err.Error(), "invalid namespace") {
+				t.Fatalf("expected invalid namespace error, got %q", err.Error())
+			}
+		})
+	}
+}
+
+func TestBuildGetTableRequestRejectsInvalidNamespaceQuery(t *testing.T) {
+	testCases := []struct {
+		name      string
+		namespace string
+	}{
+		{name: "uppercase", namespace: "InvalidNamespace"},
+		{name: "hyphen", namespace: "invalid-ns"},
+		{name: "slash", namespace: "a/b"},
+	}
+
+	for _, tc := range testCases {
+		t.Run(tc.name, func(t *testing.T) {
+			req := httptest.NewRequest(http.MethodGet, "/get-table?tableBucketARN="+url.QueryEscape(testTableBucketARN)+"&namespace="+url.QueryEscape(tc.namespace)+"&name=table1", nil)
+
+			_, err := buildGetTableRequest(req)
+			if err == nil {
+				t.Fatalf("expected invalid namespace query to return an error")
+			}
+			if !strings.Contains(err.Error(), "invalid namespace") {
+				t.Fatalf("expected invalid namespace error, got %q", err.Error())
+			}
+		})
+	}
+}
+
+func TestHandleRestOperationReturnsBadRequestForInvalidNamespaceQuery(t *testing.T) {
+	testCases := []struct {
+		name      string
+		namespace string
+	}{
+		{name: "uppercase", namespace: "InvalidNamespace"},
+		{name: "hyphen", namespace: "invalid-ns"},
+		{name: "slash", namespace: "a/b"},
+	}
+
+	for _, tc := range testCases {
+		t.Run(tc.name, func(t *testing.T) {
+			req := httptest.NewRequest(http.MethodGet, "/tables?namespace="+url.QueryEscape(tc.namespace), nil)
+			req = mux.SetURLVars(req, map[string]string{"tableBucketARN": testTableBucketARN})
+			rr := httptest.NewRecorder()
+
+			st := &S3TablesApiServer{}
+			st.handleRestOperation("ListTables", buildListTablesRequest).ServeHTTP(rr, req)
+
+			if rr.Code != http.StatusBadRequest {
+				t.Fatalf("expected status %d, got %d", http.StatusBadRequest, rr.Code)
+			}
+
+			var body map[string]string
+			if err := json.Unmarshal(rr.Body.Bytes(), &body); err != nil {
+				t.Fatalf("failed to decode error response: %v", err)
+			}
+			if got, want := body["__type"], s3tables.ErrCodeInvalidRequest; got != want {
+				t.Fatalf("expected __type=%q, got %q", want, got)
+			}
+			if !strings.Contains(body["message"], "invalid namespace") {
+				t.Fatalf("expected invalid namespace error message, got %q", body["message"])
+			}
+		})
+	}
+}