Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Gracefully produce 404 error page for URLs with unknown vocabulary ID #1215

Merged
merged 1 commit into from
Oct 6, 2021
Merged

Gracefully produce 404 error page for URLs with unknown vocabulary ID #1215

merged 1 commit into from
Oct 6, 2021

Conversation

osma
Copy link
Member

@osma osma commented Oct 6, 2021
edited
Loading

This PR fixes a problem with URLs containing vocabulary IDs that are unknown to Skosmos. (This includes things like script kiddie attacks looking for WordPress installations and the like.)

Example: https://finto.fi/notfound/ -> produces a blank page and a message in the server error log:

[Wed Oct 06 10:15:19.928508 2021] [php7:error] [pid 16194] [client 127.0.0.1:58340] PHP Fatal error:  Uncaught ValueError: Vocabulary id 'notfound' not found in configuration. in /var/www/finto.fi/model/Model.php:420\nStack trace:\n#0 /var/www/finto.fi/model/Request.php(246): Model->getVocabulary('notfound')\n#1 /var/www/finto.fi/index.php(51): Request->setVocab('notfound')\n#2 {main}\n  thrown in /var/www/finto.fi/model/Model.php on line 420

The reason is that the code in index.php attempts catch Exception, but nowadays (since PR #1127) ValueError is produced instead and it is a subclass of Error, not Exception.

This one-line fix changes the catch block to also include ValueError. The end result is that a 404 page is produced instead of a blank page, and nothing gets written into the error log.

(credit to @kouralex for pointing this out)

@osma osma added the bug label Oct 6, 2021
@osma osma added this to the 2.12 milestone Oct 6, 2021
@osma osma self-assigned this Oct 6, 2021
@codecov
Copy link

codecov bot commented Oct 6, 2021

Codecov Report

Merging #1215 (9ac8831) into master (6688f21) will not change coverage.
The diff coverage is n/a.

Impacted file tree graph

@@            Coverage Diff            @@
##             master    #1215   +/-   ##
=========================================
  Coverage     68.36%   68.36%           
  Complexity     1619     1619           
=========================================
  Files            32       32           
  Lines          3973     3973           
=========================================
  Hits           2716     2716           
  Misses         1257     1257

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 6688f21...9ac8831. Read the comment docs.

@sonarcloud
Copy link

sonarcloud bot commented Oct 6, 2021

Kudos, SonarCloud Quality Gate passed!    Quality Gate passed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

No Coverage information No Coverage information
0.0% 0.0% Duplication

@osma osma merged commit 649e09a into master Oct 6, 2021
@osma osma deleted the fix-invalid-vocabid-404-error branch October 6, 2021 07:22
This was referenced Nov 2, 2021
Closed
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@osma osma

Labels
bug
Projects
None yet
Milestone
2.12
Development

Successfully merging this pull request may close these issues.
1 participant
@osma