This repository has been archived by the owner on Apr 26, 2024. It is now read-only.
Validate data passed to REST endpoints
No due date
33% complete
Tracking issue #13147
This includes:
- any API in the matrix spec
- the admin API
- request bodies, probably easiest to validate with Pydantic
- url parameters and query strings---not sure how to validate these
rg --case-sensitive "def .*(POST|PUT|DELETE|GET).*\(" synapse gives a crude way to work out what needs to be done.
Related: #8445.
Not related: #12651. …
Tracking issue #13147
This includes:
- any API in the matrix spec
- the admin API
- request bodies, probably easiest to validate with Pydantic
- url parameters and query strings---not sure how to validate these
rg --case-sensitive "def .*(POST|PUT|DELETE|GET).*\(" synapse gives a crude way to work out what needs to be done.
Related: #8445.
Not related: #12651. That's for Synapse's config only. (Though see https://pydantic-docs.helpmanual.io/usage/settings/)
I propose to use Pydantic for verifying payloads after deserialisation.