diff --git a/dgraph/cmd/alpha/http.go b/dgraph/cmd/alpha/http.go index 263a4b8277e..99ecf16d9a1 100644 --- a/dgraph/cmd/alpha/http.go +++ b/dgraph/cmd/alpha/http.go @@ -24,6 +24,7 @@ import ( "fmt" "io" "io/ioutil" + "mime" "net/http" "sort" "strconv" @@ -177,18 +178,27 @@ func queryHandler(w http.ResponseWriter, r *http.Request) { Query string `json:"query"` Variables map[string]string `json:"variables"` } + contentType := r.Header.Get("Content-Type") - switch strings.ToLower(contentType) { + mediaType, contentTypeParams, err := mime.ParseMediaType(contentType) + if err != nil { + x.SetStatus(w, x.ErrorInvalidRequest, "Invalid Content-Type") + } + if charset, ok := contentTypeParams["charset"]; ok && strings.ToLower(charset) != "utf-8" { + x.SetStatus(w, x.ErrorInvalidRequest, "Unsupported charset. "+ + "Supported charset is UTF-8") + return + } + + switch mediaType { case "application/json": if err := json.Unmarshal(body, ¶ms); err != nil { jsonErr := convertJSONError(string(body), err) x.SetStatus(w, x.ErrorInvalidRequest, jsonErr.Error()) return } - case "application/graphql+-": params.Query = string(body) - default: x.SetStatus(w, x.ErrorInvalidRequest, "Unsupported Content-Type. "+ "Supported content types are application/json, application/graphql+-") @@ -300,7 +310,17 @@ func mutationHandler(w http.ResponseWriter, r *http.Request) { var req *api.Request contentType := r.Header.Get("Content-Type") - switch strings.ToLower(contentType) { + mediaType, contentTypeParams, err := mime.ParseMediaType(contentType) + if err != nil { + x.SetStatus(w, x.ErrorInvalidRequest, "Invalid Content-Type") + } + if charset, ok := contentTypeParams["charset"]; ok && strings.ToLower(charset) != "utf-8" { + x.SetStatus(w, x.ErrorInvalidRequest, "Unsupported charset. "+ + "Supported charset is UTF-8") + return + } + + switch mediaType { case "application/json": ms := make(map[string]*skipJSONUnmarshal) if err := json.Unmarshal(body, &ms); err != nil {