silverstripe-restfulapi icon indicating copy to clipboard operation
silverstripe-restfulapi copied to clipboard

Published 20 hours ago verified publisher icon colymba

Correctly parse $queryParams

Open pedro2555 opened this issue 10 years ago • 0 comments

$queryParams should be parsed and validated before executing against database.

On GET request for filtered data if one modifier value is empty server responds with the full result set.

api/model?Title__StartsWith=

For more robustness this should result in a 400 Bad Request.

Similarly,

api/model/?URL__StartsWith=

Results in a 500 Internal Server Error.

pedro2555 avatar Feb 24 '15 10:02 pedro2555