Skip OpenAPI validation for GET requests since they don't have request bodies

2025-10-30 14:17:40 +00:00 · 2025-09-15 11:47:51 +02:00
parent 71bd3cbb6a
commit 53556fdc8b
2 changed files with 15 additions and 11 deletions
--- a/changedetectionio/api/init.py
+++ b/changedetectionio/api/init.py
@@ -47,16 +47,20 @@ def validate_openapi_request(operation_id):
        @functools.wraps(f)
        def wrapper(*args, **kwargs):
            try:
-                spec = get_openapi_spec()
-                openapi_request = FlaskOpenAPIRequest(request)
-                result = spec.unmarshal_request(openapi_request)
-                if result.errors:
-                    from flask import jsonify
-                    from werkzeug.exceptions import BadRequest
-                    error_details = []
-                    for error in result.errors:
-                        error_details.append(str(error))
-                    raise BadRequest(f"OpenAPI validation failed: {error_details}")
+                # Skip OpenAPI validation for GET requests since they don't have request bodies
+                if request.method.upper() != 'GET':
+                    spec = get_openapi_spec()
+                    openapi_request = FlaskOpenAPIRequest(request)
+                    result = spec.unmarshal_request(openapi_request)
+                    if result.errors:
+                        from werkzeug.exceptions import BadRequest
+                        error_details = []
+                        for error in result.errors:
+                            error_details.append(str(error))
+                        raise BadRequest(f"OpenAPI validation failed: {error_details}")
+            except BadRequest:
+                # Re-raise BadRequest exceptions (validation failures)
+                raise
            except Exception as e:
                # If OpenAPI spec loading fails, log but don't break existing functionality
                logger.critical(f"OpenAPI validation warning for {operation_id}: {e}")
--- a/changedetectionio/tests/test_api.py
+++ b/changedetectionio/tests/test_api.py
@@ -396,7 +396,7 @@ def test_api_import(client, live_server, measure_memory_usage):
    res = client.post(
        url_for("import") + "?tag=import-test",
        data='https://website1.com\r\nhttps://website2.com',
-        headers={'x-api-key': api_key},
+        headers={'x-api-key': api_key, 'content-type': 'text/plain'},
        follow_redirects=True
    )