hostname format checker might raise ValueError #1121
Comments
|
Thanks, indeed the first step here is to add a test to the official test suite. Help welcome whenever you care to. |
Assert that hostname format validation fails gracefully on empty strings. This is especially for Python `jsonschema` library that raises an unexpected ValueError exception on `hostname` check (python-jsonschema/jsonschema#1121). Adds similar test to: * draft3: host-name * draft4: hostname * draft6: hosntame * draft7: hostname, idn-hostname * draft2019-09: hostname, idn-hostname * draft2020-12: hostname, idn-hostname * draft-next: hostname, idn-hostname
Assert that hostname format validation fails gracefully on empty strings. This is especially for Python `jsonschema` library that raises an unexpected ValueError exception on `hostname` check (python-jsonschema/jsonschema#1121). Adds similar test for: * draft3: host-name * draft4: hostname * draft6: hosntame * draft7: hostname, idn-hostname * draft2019-09: hostname, idn-hostname * draft2020-12: hostname, idn-hostname * draft-next: hostname, idn-hostname
Doing hostname format check on empty string seems to raise a ValueError:
>>> from jsonschema.validators import validator_for
>>> schema = {"$schema": "https://json-schema.org/draft/2020-12/schema", "type": "string", "format": "hostname"}
>>> vcls = validator_for(schema)
>>> validator = vcls(schema, format_checker=vcls.FORMAT_CHECKER)
>>> list(validator.iter_errors(""))
...
File "lib/python3.10/site-packages/jsonschema/_format.py", line 276, in is_host_name
return FQDN(instance).is_valid
File "lib/python3.10/site-packages/fqdn/__init__.py", line 44, in __init__
raise ValueError("fqdn must be str")
ValueError: fqdn must be str
Fix by adding `raises=ValueError` to the related `@_checks_drafts` decorator call.
See also json-schema-org/JSON-Schema-Test-Suite#677.
Fixes python-jsonschema#1121.
|
Discussion in json-schema-org/JSON-Schema-Test-Suite#677 pointed out that zero length strings are actually valid in the scope of given RFC's. So, my initial easy PR needs a bit more work. As the zero length / empty string is valid, also >>> import idna
>>> idna.encode("")
idna.core.IDNAError: Empty domain>>> idna.encode(".")
idna.core.IDNAError: Empty LabelTo be continued... |
|
@Julian I think the easiest patch for now is to do a fast pre-check / Something like if instance in ("", "."):
return TrueAt the moment Even with that fix I think it makes sense to add 🤔 |
Yep that seems right to me.
I'm somewhat OK with this but can you try to read through the source code of those libs and see whether there appear to be any explicit code paths which will really hit that? As I say I'm probably OK adding it regardless, but it's a bit nice to be thorough while we're here. |
|
And then there is the Python standard lib I need a short break from all this... maybe resuming tomorrow. |
Julian
added
the
Needs Test Upstream
|
I have encountered this regression when upgrading from 3.0.1 to 4.21.1 (a big jump as older versions don't support python 3.12) Previously passing an empty string would have resulted in a 'format' error, it now leaks the ValueError exception instead of being able to enumerate all the errors in the document being validated. I've written a longer comment on the tests as to what I think the behaviour should be, but not "crashing" (leaking exceptions) when enumerating errors would be a good start here. |
|
I believe that ypcrts/fqdn#45 is the root cause, but catching a ValueError defensively here is probably the right thing to do. |
|
Thanks for filing that. Yeah I'm happy with catching the |
At least on empty string
format: hostnamevalidator raisesValueErrorand not the expectedValidationError.This also fails on
iter_errors()usage.This might be enough to fix it:
Sorry, no time to properly test + send a PR at this point in time.
The text was updated successfully, but these errors were encountered: