Validate that UUID's coming into the server are UUID's.

[crspybits]

The client provides the UUID's. Clients can't be trusted. Make sure the UUID's received in API/endpoint requests are actually UUID's.

[crspybits]

As part of this should:

1. standardize on lowercase/uppercase for UUID's (some are lower and some are upper in the database tables right now).
2. Make sure searches/comparisons in database tables take place independent of upper/lower case. e.g., if you search for a UUID with an uppercase example string, it will find a lower case instance in the db.

[danligas]

COLLATE utf8_ci --'ci' stands for case insensitive: choose the colaltion that fits your encoding

…

On Sun, Jun 16, 2019 at 5:20 PM Christopher Prince ***@***.***> wrote: As part of this should: 1. standardize on lowercase/uppercase for UUID's (some are lower and some are upper in the database tables right now). 2. Make sure searches/comparisons in database tables take place independent of upper/lower case. e.g., if you search for a UUID with an uppercase example string, it will find a lower case instance in the db. — You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub <#90?email_source=notifications&email_token=ACIQHQXRRQLAV57G5V5GBNLP22VCBA5CNFSM4F2RHGS2YY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGODXZVNMA#issuecomment-502486704>, or mute the thread <https://github.com/notifications/unsubscribe-auth/ACIQHQRFZAHW22BVPWAL7YLP22VCBANCNFSM4F2RHGSQ> .