Skip to content

Tighten movie metadata validation and artwork URL policy #197

Description

@cmsjade5000

Goal

Constrain movie create/update payloads so stored metadata and artwork URLs stay within expected bounds.

Context

Movie schemas allow broad strings/lists, and artwork handling has multiple policy surfaces: validation, rendering, CSP, and poster caching. This issue should make those policies line up so malformed metadata is rejected early and artwork URLs do not become a privacy or rendering risk.

Suggested Scope

  • Add Pydantic length limits, list limits, numeric ranges, and external ID patterns where missing.
  • Review poster/backdrop URL handling and decide whether to use allowlisted hosts, local cache/proxy-only URLs, or stricter URL validation.
  • Keep existing valid imports and provider-enriched updates working.
  • Add regression tests around oversize values, malformed IDs, invalid URLs, and valid provider URLs.
  • Update docs if the accepted artwork URL policy changes.

Files or Areas

  • api/schemas/movie.py
  • api/services/movie_updates.py
  • api/services/poster_cache.py
  • api/routers/movies.py
  • templates/movie_detail.html
  • tests/test_movie_metadata.py
  • tests/test_movie_flags.py
  • tests/test_poster_cache.py

Out of Scope

  • Bulk editing live movie records
  • Pulling private database contents into fixtures
  • Replacing the whole metadata import pipeline
  • Expanding CSP to accept arbitrary image hosts without a documented policy

Acceptance Criteria

  • Oversized or malformed metadata is rejected early with clear validation errors.
  • Artwork URL policy is consistent between validation, caching, rendering, and CSP.
  • Existing valid imports/updates still pass.
  • Tests use synthetic movie data and fake URLs only.

Verification

  • pytest tests/test_movie_metadata.py tests/test_poster_cache.py
  • Any focused create/update route tests added by the PR
  • Optional manual check: update a synthetic movie with valid and invalid artwork URLs in a local dev database.

Contributor Notes

This is security/data-quality work. Please keep the PR narrow, use synthetic data, and avoid committing private exports, provider payloads, or live database rows.

Metadata

Metadata

Assignees

No one assigned

    Labels

    data-qualityMetadata, imports, duplicates, artwork, or collection-health workhelp wantedExtra attention is neededmetadatasecuritySecurity, privacy, authorization, or dependency riskvalidation

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions