Skip to main content

Lack of data validation - Responses

Need

Maintain data integrity by server-side validation of input data

Context

  • Usage of Elixir (1.12 and above) for building scalable and fault-tolerant applications
  • Usage of Plug for request handling

Description

Non compliant code

defmodule UserController do
  use MyApp.Web, :controller

  def show(conn, params) do
    user = Repo.get(User, params["id"])
    render(conn, "show.json", user: user)
  end

  def update(conn, params) do
    user = Repo.get(User, params["id"])
    user_changes = Map.from_struct(params["user"])
    changeset = User.changeset(user, user_changes)
    case Repo.update(changeset) do
      {:ok, user} ->
        render(conn, "show.json", user: user)
      {:error, changeset} ->
        conn
        |> put_status(:unprocessable_entity)
        |> render(MyApp.ChangesetView, "error.json", changeset: changeset)
    end
  end
end

This code fetches a user record and sends it in the response, then takes user data from a subsequent request and updates the user record without any validation. If the received data is invalid, it could lead to data integrity issues.

Steps

  • Validate the incoming data before updating the record.
  • If the data is not valid, return an error response.

Compliant code

defmodule UserController do
  use MyApp.Web, :controller

  def show(conn, params) do
    user = Repo.get(User, params["id"])
    render(conn, "show.json", user: user)
  end

  def update(conn, params) do
    user = Repo.get(User, params["id"])
    user_changes = Map.from_struct(params["user"])
    if valid_user_data?(user_changes) do
      changeset = User.changeset(user, user_changes)
      case Repo.update(changeset) do
        {:ok, user} ->
          render(conn, "show.json", user: user)
        {:error, changeset} ->
          conn
          |> put_status(:unprocessable_entity)
          |> render(MyApp.ChangesetView, "error.json", changeset: changeset)
      end
    else
      send_resp(conn, 400, "Invalid user data")
    end
  end

  defp valid_user_data?(data) do
    # Implement validation logic here
  end
end

In the secure code example, the incoming user data is validated before it is used to update the user record. If the data is not valid, an error response is returned. This prevents an attacker from submitting invalid data.

References

Last updated on