Merge pull request #916 from code-haven/master

Added validation for record names in route53 (boto3)
2017-05-10 21:32:53 -04:00 · 2017-05-10 21:32:53 -04:00 · 6ef2f366f6
commit 6ef2f366f6
parent f0c90c3af0 06d65fd3da
2 changed files with 167 additions and 0 deletions
--- a/moto/route53/responses.py
+++ b/moto/route53/responses.py
@ -112,6 +112,17 @@ class Route53(BaseResponse):
            for value in change_list:
                action = value['Action']
                record_set = value['ResourceRecordSet']
+
+                cleaned_record_name = record_set['Name'].strip('.')
+                cleaned_hosted_zone_name = the_zone.name.strip('.')
+
+                if not cleaned_record_name.endswith(cleaned_hosted_zone_name):
+                    error_msg = """
+                    An error occurred (InvalidChangeBatch) when calling the ChangeResourceRecordSets operation:
+                    RRSet with DNS name %s is not permitted in zone %s
+                    """ % (record_set['Name'], the_zone.name)
+                    return 400, headers, error_msg
+
                if action in ('CREATE', 'UPSERT'):
                    if 'ResourceRecords' in record_set:
                        resource_records = list(