Implement odata-version checks
The redfish protocol validator is a cruel.... cruel test. In it, it
attempts to send odata-version headers that are not supported by the
spec. bmcweb has never had a use for those headers, and they are
optional to send, so bmcweb ignored them. This patchset fixes that.
The exact wording of the standard is in the patch.
Tested:
curl --insecure --user root:0penBmc https://192.168.7.2/redfish/v1
Returns service root
curl --insecure --user root:0penBmc -H "Odata-version: 4.0" https://192.168.7.2/redfish/v1
returns service root
curl --insecure --user root:0penBmc -H "Odata-version: 4.1" https://192.168.7.2/redfish/v1
returns precondition failed message from base registry, and 501 code.
Redfish protocol validator now shows REQ_HEADERS_ODATA_VERSION test
passing.
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: I7d2f4bd9f6b7f03655d7e169ee20f45f9aaa73e3
diff --git a/redfish-core/include/query.hpp b/redfish-core/include/query.hpp
index b06278b..7db370d 100644
--- a/redfish-core/include/query.hpp
+++ b/redfish-core/include/query.hpp
@@ -11,6 +11,19 @@
const crow::Request& req,
crow::Response& res)
{
+ BMCWEB_LOG_DEBUG << "setup redfish route";
+
+ // Section 7.4 of the redfish spec "Redfish Services shall process the
+ // [OData-Version header] in the following table as defined by the HTTP 1.1
+ // specification..."
+ // Required to pass redfish-protocol-validator REQ_HEADERS_ODATA_VERSION
+ std::string_view odataHeader = req.getHeaderValue("OData-Version");
+ if (!odataHeader.empty() && odataHeader != "4.0")
+ {
+ messages::preconditionFailed(res);
+ return false;
+ }
+
// If query parameters aren't enabled, do nothing.
if constexpr (!bmcwebInsecureEnableQueryParams)
{