Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-91889

Add parameter placeholders in QE payloads

    • Server Security
    • Fully Compatible
    • v8.0
    • Security 2024-07-08, Security 2024-07-22

      Scope

      Ignore placeholder fields for encryption parameters ("min", "max", "trimFactor", "sparsity", and "precision") in the QE range payloads:

      • FLE2InsertUpdatePayloadV2
      • FLE2FindRangePayloadV2

      For consistency with other single-letter fields, consider using short field names:

      • "min" as "mi"
      • "max" as "ma",
      • "trimFactor" as "tf",
      • "sparsity" as "s"
      • "precision" as "p"

      Alternatively: accept all extra fields. Set strict to false in the IDL (example).

      Background & Motivation

      Placeholders may enable future safeguards proposed in SERVER-91887 without requiring new V3 payloads (8.0 servers can ignore the fields). Local testing suggests the server rejects unrecognized fields in the payloads: "BSON field 'root.foo' is an unknown field".

            Assignee:
            mark.benvenuto@mongodb.com Mark Benvenuto
            Reporter:
            kevin.albertson@mongodb.com Kevin Albertson
            Votes:
            0 Vote for this issue
            Watchers:
            7 Start watching this issue

              Created:
              Updated:
              Resolved: