mirror of
https://git.anonymousland.org/anonymousland/synapse-product.git
synced 2024-12-19 00:14:17 -05:00
Respond with proper error responses on unknown paths. (#14621)
Returns a proper 404 with an errcode of M_RECOGNIZED for unknown endpoints per MSC3743.
This commit is contained in:
parent
da77720752
commit
9d8a3234ba
1
changelog.d/14621.bugfix
Normal file
1
changelog.d/14621.bugfix
Normal file
@ -0,0 +1 @@
|
||||
Return spec-compliant JSON errors when unknown endpoints are requested.
|
@ -300,10 +300,8 @@ class InteractiveAuthIncompleteError(Exception):
|
||||
class UnrecognizedRequestError(SynapseError):
|
||||
"""An error indicating we don't understand the request you're trying to make"""
|
||||
|
||||
def __init__(
|
||||
self, msg: str = "Unrecognized request", errcode: str = Codes.UNRECOGNIZED
|
||||
):
|
||||
super().__init__(400, msg, errcode)
|
||||
def __init__(self, msg: str = "Unrecognized request", code: int = 400):
|
||||
super().__init__(code, msg, Codes.UNRECOGNIZED)
|
||||
|
||||
|
||||
class NotFoundError(SynapseError):
|
||||
|
@ -577,7 +577,24 @@ def _unrecognised_request_handler(request: Request) -> NoReturn:
|
||||
Args:
|
||||
request: Unused, but passed in to match the signature of ServletCallback.
|
||||
"""
|
||||
raise UnrecognizedRequestError()
|
||||
raise UnrecognizedRequestError(code=404)
|
||||
|
||||
|
||||
class UnrecognizedRequestResource(resource.Resource):
|
||||
"""
|
||||
Similar to twisted.web.resource.NoResource, but returns a JSON 404 with an
|
||||
errcode of M_UNRECOGNIZED.
|
||||
"""
|
||||
|
||||
def render(self, request: SynapseRequest) -> int:
|
||||
f = failure.Failure(UnrecognizedRequestError(code=404))
|
||||
return_json_error(f, request, None)
|
||||
# A response has already been sent but Twisted requires either NOT_DONE_YET
|
||||
# or the response bytes as a return value.
|
||||
return NOT_DONE_YET
|
||||
|
||||
def getChild(self, name: str, request: Request) -> resource.Resource:
|
||||
return self
|
||||
|
||||
|
||||
class RootRedirect(resource.Resource):
|
||||
|
@ -24,7 +24,6 @@ from matrix_common.types.mxc_uri import MXCUri
|
||||
import twisted.internet.error
|
||||
import twisted.web.http
|
||||
from twisted.internet.defer import Deferred
|
||||
from twisted.web.resource import Resource
|
||||
|
||||
from synapse.api.errors import (
|
||||
FederationDeniedError,
|
||||
@ -35,6 +34,7 @@ from synapse.api.errors import (
|
||||
)
|
||||
from synapse.config._base import ConfigError
|
||||
from synapse.config.repository import ThumbnailRequirement
|
||||
from synapse.http.server import UnrecognizedRequestResource
|
||||
from synapse.http.site import SynapseRequest
|
||||
from synapse.logging.context import defer_to_thread
|
||||
from synapse.metrics.background_process_metrics import run_as_background_process
|
||||
@ -1046,7 +1046,7 @@ class MediaRepository:
|
||||
return removed_media, len(removed_media)
|
||||
|
||||
|
||||
class MediaRepositoryResource(Resource):
|
||||
class MediaRepositoryResource(UnrecognizedRequestResource):
|
||||
"""File uploading and downloading.
|
||||
|
||||
Uploads are POSTed to a resource which returns a token which is used to GET
|
||||
|
@ -15,7 +15,9 @@
|
||||
import logging
|
||||
from typing import Dict
|
||||
|
||||
from twisted.web.resource import NoResource, Resource
|
||||
from twisted.web.resource import Resource
|
||||
|
||||
from synapse.http.server import UnrecognizedRequestResource
|
||||
|
||||
logger = logging.getLogger(__name__)
|
||||
|
||||
@ -49,7 +51,7 @@ def create_resource_tree(
|
||||
for path_seg in full_path.split(b"/")[1:-1]:
|
||||
if path_seg not in last_resource.listNames():
|
||||
# resource doesn't exist, so make a "dummy resource"
|
||||
child_resource: Resource = NoResource()
|
||||
child_resource: Resource = UnrecognizedRequestResource()
|
||||
last_resource.putChild(path_seg, child_resource)
|
||||
res_id = _resource_id(last_resource, path_seg)
|
||||
resource_mappings[res_id] = child_resource
|
||||
|
@ -3994,7 +3994,7 @@ class ShadowBanRestTestCase(unittest.HomeserverTestCase):
|
||||
"""
|
||||
Tests that shadow-banning for a user that is not a local returns a 400
|
||||
"""
|
||||
url = "/_synapse/admin/v1/whois/@unknown_person:unknown_domain"
|
||||
url = "/_synapse/admin/v1/users/@unknown_person:unknown_domain/shadow_ban"
|
||||
|
||||
channel = self.make_request(method, url, access_token=self.admin_user_tok)
|
||||
self.assertEqual(400, channel.code, msg=channel.json_body)
|
||||
|
@ -48,13 +48,13 @@ class LoginTokenRequestServletTestCase(unittest.HomeserverTestCase):
|
||||
|
||||
def test_disabled(self) -> None:
|
||||
channel = self.make_request("POST", endpoint, {}, access_token=None)
|
||||
self.assertEqual(channel.code, 400)
|
||||
self.assertEqual(channel.code, 404)
|
||||
|
||||
self.register_user(self.user, self.password)
|
||||
token = self.login(self.user, self.password)
|
||||
|
||||
channel = self.make_request("POST", endpoint, {}, access_token=token)
|
||||
self.assertEqual(channel.code, 400)
|
||||
self.assertEqual(channel.code, 404)
|
||||
|
||||
@override_config({"experimental_features": {"msc3882_enabled": True}})
|
||||
def test_require_auth(self) -> None:
|
||||
|
@ -36,7 +36,7 @@ class RendezvousServletTestCase(unittest.HomeserverTestCase):
|
||||
|
||||
def test_disabled(self) -> None:
|
||||
channel = self.make_request("POST", endpoint, {}, access_token=None)
|
||||
self.assertEqual(channel.code, 400)
|
||||
self.assertEqual(channel.code, 404)
|
||||
|
||||
@override_config({"experimental_features": {"msc3886_endpoint": "/asd"}})
|
||||
def test_redirect(self) -> None:
|
||||
|
@ -174,7 +174,7 @@ class JsonResourceTests(unittest.TestCase):
|
||||
self.reactor, FakeSite(res, self.reactor), b"GET", b"/_matrix/foobar"
|
||||
)
|
||||
|
||||
self.assertEqual(channel.code, 400)
|
||||
self.assertEqual(channel.code, 404)
|
||||
self.assertEqual(channel.json_body["error"], "Unrecognized request")
|
||||
self.assertEqual(channel.json_body["errcode"], "M_UNRECOGNIZED")
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user