mbk-lab
/
nextcloud
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Merge pull request #9995 from nextcloud/bugfix/noid/error-page-with-500-http-code 

Server error/hint pages with a 500 error code to avoid it being seen …
This commit is contained in:
Morris Jobke 2018-06-26 12:30:37 +02:00 committed by GitHub
parent 684ee622a1 1399f6bece
commit 1bb552761b
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
6 changed files with 26 additions and 60 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
index.php
View File

@ -45,23 +45,19 @@ try {
\OC::$server->getLogger()->logException($ex, array('app' => 'index')); \OC::$server->getLogger()->logException($ex, array('app' => 'index'));
//show the user a detailed error page //show the user a detailed error page
OC_Response::setStatus(OC_Response::STATUS_SERVICE_UNAVAILABLE); OC_Template::printExceptionErrorPage($ex, \OC_Response::STATUS_SERVICE_UNAVAILABLE);
OC_Template::printExceptionErrorPage($ex);
} catch (\OC\HintException $ex) { } catch (\OC\HintException $ex) {
OC_Response::setStatus(OC_Response::STATUS_SERVICE_UNAVAILABLE);
try { try {
OC_Template::printErrorPage($ex->getMessage(), $ex->getHint()); OC_Template::printErrorPage($ex->getMessage(), $ex->getHint(), OC_Response::STATUS_SERVICE_UNAVAILABLE);
} catch (Exception $ex2) { } catch (Exception $ex2) {
\OC::$server->getLogger()->logException($ex, array('app' => 'index')); \OC::$server->getLogger()->logException($ex, array('app' => 'index'));
\OC::$server->getLogger()->logException($ex2, array('app' => 'index')); \OC::$server->getLogger()->logException($ex2, array('app' => 'index'));
//show the user a detailed error page //show the user a detailed error page
OC_Response::setStatus(OC_Response::STATUS_INTERNAL_SERVER_ERROR); OC_Template::printExceptionErrorPage($ex, \OC_Response::STATUS_INTERNAL_SERVER_ERROR);
OC_Template::printExceptionErrorPage($ex);
} }
} catch (\OC\User\LoginException $ex) { } catch (\OC\User\LoginException $ex) {
OC_Response::setStatus(OC_Response::STATUS_FORBIDDEN); OC_Template::printErrorPage($ex->getMessage(), $ex->getMessage(), OC_Response::STATUS_FORBIDDEN);
OC_Template::printErrorPage($ex->getMessage(), $ex->getMessage());
} catch (Exception $ex) { } catch (Exception $ex) {
\OC::$server->getLogger()->logException($ex, array('app' => 'index')); \OC::$server->getLogger()->logException($ex, array('app' => 'index'));
@ -92,6 +88,5 @@ try {
throw $e; throw $e;
} }
OC_Response::setStatus(OC_Response::STATUS_INTERNAL_SERVER_ERROR); OC_Template::printExceptionErrorPage($ex, \OC_Response::STATUS_INTERNAL_SERVER_ERROR);
OC_Template::printExceptionErrorPage($ex);
} }

11
lib/base.php
View File

@ -260,7 +260,8 @@ class OC {
$l->t('This can usually be fixed by giving the webserver write access to the config directory. See %s', $l->t('This can usually be fixed by giving the webserver write access to the config directory. See %s',
[ $urlGenerator->linkToDocs('admin-dir_permissions') ]) . '. ' [ $urlGenerator->linkToDocs('admin-dir_permissions') ]) . '. '
. $l->t('Or, if you prefer to keep config.php file read only, set the option "config_is_read_only" to true in it. See %s', . $l->t('Or, if you prefer to keep config.php file read only, set the option "config_is_read_only" to true in it. See %s',
[ $urlGenerator->linkToDocs('admin-config') ] ) [ $urlGenerator->linkToDocs('admin-config') ] ),
\OC_Response::STATUS_SERVICE_UNAVAILABLE
); );
} }
} }
@ -433,8 +434,7 @@ class OC {
} catch (Exception $e) { } catch (Exception $e) {
\OC::$server->getLogger()->logException($e, ['app' => 'base']); \OC::$server->getLogger()->logException($e, ['app' => 'base']);
//show the user a detailed error page //show the user a detailed error page
OC_Response::setStatus(OC_Response::STATUS_INTERNAL_SERVER_ERROR); OC_Template::printExceptionErrorPage($e, \OC_Response::STATUS_INTERNAL_SERVER_ERROR);
OC_Template::printExceptionErrorPage($e);
die(); die();
} }
@ -750,11 +750,10 @@ class OC {
// Check whether the sample configuration has been copied // Check whether the sample configuration has been copied
if($systemConfig->getValue('copied_sample_config', false)) { if($systemConfig->getValue('copied_sample_config', false)) {
$l = \OC::$server->getL10N('lib'); $l = \OC::$server->getL10N('lib');
header('HTTP/1.1 503 Service Temporarily Unavailable');
header('Status: 503 Service Temporarily Unavailable');
OC_Template::printErrorPage( OC_Template::printErrorPage(
$l->t('Sample configuration detected'), $l->t('Sample configuration detected'),
$l->t('It has been detected that the sample configuration has been copied. This can break your installation and is unsupported. Please read the documentation before performing changes on config.php') $l->t('It has been detected that the sample configuration has been copied. This can break your installation and is unsupported. Please read the documentation before performing changes on config.php'),
\OC_Response::STATUS_SERVICE_UNAVAILABLE
); );
return; return;
} }

6
lib/private/legacy/files.php
View File

@ -198,18 +198,18 @@ class OC_Files {
OC::$server->getLogger()->logException($ex); OC::$server->getLogger()->logException($ex);
$l = \OC::$server->getL10N('core'); $l = \OC::$server->getL10N('core');
$hint = method_exists($ex, 'getHint') ? $ex->getHint() : ''; $hint = method_exists($ex, 'getHint') ? $ex->getHint() : '';
\OC_Template::printErrorPage($l->t('File is currently busy, please try again later'), $hint); \OC_Template::printErrorPage($l->t('File is currently busy, please try again later'), $hint, 200);
} catch (\OCP\Files\ForbiddenException $ex) { } catch (\OCP\Files\ForbiddenException $ex) {
self::unlockAllTheFiles($dir, $files, $getType, $view, $filename); self::unlockAllTheFiles($dir, $files, $getType, $view, $filename);
OC::$server->getLogger()->logException($ex); OC::$server->getLogger()->logException($ex);
$l = \OC::$server->getL10N('core'); $l = \OC::$server->getL10N('core');
\OC_Template::printErrorPage($l->t('Can\'t read file'), $ex->getMessage()); \OC_Template::printErrorPage($l->t('Can\'t read file'), $ex->getMessage(), 200);
} catch (\Exception $ex) { } catch (\Exception $ex) {
self::unlockAllTheFiles($dir, $files, $getType, $view, $filename); self::unlockAllTheFiles($dir, $files, $getType, $view, $filename);
OC::$server->getLogger()->logException($ex); OC::$server->getLogger()->logException($ex);
$l = \OC::$server->getL10N('core'); $l = \OC::$server->getL10N('core');
$hint = method_exists($ex, 'getHint') ? $ex->getHint() : ''; $hint = method_exists($ex, 'getHint') ? $ex->getHint() : '';
\OC_Template::printErrorPage($l->t('Can\'t read file'), $hint); \OC_Template::printErrorPage($l->t('Can\'t read file'), $hint, 200);
} }
} }

36
lib/private/legacy/template.php
View File

@ -304,9 +304,10 @@ class OC_Template extends \OC\Template\Base {
* Print a fatal error page and terminates the script * Print a fatal error page and terminates the script
* @param string $error_msg The error message to show * @param string $error_msg The error message to show
* @param string $hint An optional hint message - needs to be properly escape * @param string $hint An optional hint message - needs to be properly escape
* @param int $statusCode
* @suppress PhanAccessMethodInternal * @suppress PhanAccessMethodInternal
*/ */
public static function printErrorPage( $error_msg, $hint = '' ) { public static function printErrorPage( $error_msg, $hint = '', $statusCode = 500) {
if (\OC::$server->getAppManager()->isEnabledForUser('theming') && !\OC_App::isAppLoaded('theming')) { if (\OC::$server->getAppManager()->isEnabledForUser('theming') && !\OC_App::isAppLoaded('theming')) {
\OC_App::loadApp('theming'); \OC_App::loadApp('theming');
} }
@ -317,6 +318,7 @@ class OC_Template extends \OC\Template\Base {
$hint = ''; $hint = '';
} }
http_response_code($statusCode);
try { try {
$content = new \OC_Template( '', 'error', 'error', false ); $content = new \OC_Template( '', 'error', 'error', false );
$errors = array(array('error' => $error_msg, 'hint' => $hint)); $errors = array(array('error' => $error_msg, 'hint' => $hint));
@ -327,7 +329,6 @@ class OC_Template extends \OC\Template\Base {
$logger->error("$error_msg $hint", ['app' => 'core']); $logger->error("$error_msg $hint", ['app' => 'core']);
$logger->logException($e, ['app' => 'core']); $logger->logException($e, ['app' => 'core']);
header(self::getHttpProtocol() . ' 500 Internal Server Error');
header('Content-Type: text/plain; charset=utf-8'); header('Content-Type: text/plain; charset=utf-8');
print("$error_msg $hint"); print("$error_msg $hint");
} }
@ -337,11 +338,12 @@ class OC_Template extends \OC\Template\Base {
/** /**
* print error page using Exception details * print error page using Exception details
* @param Exception|Throwable $exception * @param Exception|Throwable $exception
* @param bool $fetchPage * @param int $statusCode
* @return bool|string * @return bool|string
* @suppress PhanAccessMethodInternal * @suppress PhanAccessMethodInternal
*/ */
public static function printExceptionErrorPage($exception, $fetchPage = false) { public static function printExceptionErrorPage($exception, $statusCode = 503) {
http_response_code($statusCode);
try { try {
$request = \OC::$server->getRequest(); $request = \OC::$server->getRequest();
$content = new \OC_Template('', 'exception', 'error', false); $content = new \OC_Template('', 'exception', 'error', false);
@ -354,16 +356,12 @@ class OC_Template extends \OC\Template\Base {
$content->assign('debugMode', \OC::$server->getSystemConfig()->getValue('debug', false)); $content->assign('debugMode', \OC::$server->getSystemConfig()->getValue('debug', false));
$content->assign('remoteAddr', $request->getRemoteAddress()); $content->assign('remoteAddr', $request->getRemoteAddress());
$content->assign('requestID', $request->getId()); $content->assign('requestID', $request->getId());
if ($fetchPage) {
return $content->fetchPage();
}
$content->printPage(); $content->printPage();
} catch (\Exception $e) { } catch (\Exception $e) {
$logger = \OC::$server->getLogger(); $logger = \OC::$server->getLogger();
$logger->logException($exception, ['app' => 'core']); $logger->logException($exception, ['app' => 'core']);
$logger->logException($e, ['app' => 'core']); $logger->logException($e, ['app' => 'core']);
header(self::getHttpProtocol() . ' 500 Internal Server Error');
header('Content-Type: text/plain; charset=utf-8'); header('Content-Type: text/plain; charset=utf-8');
print("Internal Server Error\n\n"); print("Internal Server Error\n\n");
print("The server encountered an internal error and was unable to complete your request.\n"); print("The server encountered an internal error and was unable to complete your request.\n");
@ -372,26 +370,4 @@ class OC_Template extends \OC\Template\Base {
} }
die(); die();
} }
/**
* This is only here to reduce the dependencies in case of an exception to
* still be able to print a plain error message.
*
* Returns the used HTTP protocol.
*
* @return string HTTP protocol. HTTP/2, HTTP/1.1 or HTTP/1.0.
* @internal Don't use this - use AppFramework\Http\Request->getHttpProtocol instead
*/
protected static function getHttpProtocol() {
$claimedProtocol = strtoupper($_SERVER['SERVER_PROTOCOL']);
$validProtocols = [
'HTTP/1.0',
'HTTP/1.1',
'HTTP/2',
];
if(in_array($claimedProtocol, $validProtocols, true)) {
return $claimedProtocol;
}
return 'HTTP/1.1';
}
} }

12
public.php
View File

@ -36,8 +36,7 @@ try {
if (\OCP\Util::needUpgrade()) { if (\OCP\Util::needUpgrade()) {
// since the behavior of apps or remotes are unpredictable during // since the behavior of apps or remotes are unpredictable during
// an upgrade, return a 503 directly // an upgrade, return a 503 directly
OC_Response::setStatus(OC_Response::STATUS_SERVICE_UNAVAILABLE); OC_Template::printErrorPage('Service unavailable', '', OC_Response::STATUS_SERVICE_UNAVAILABLE);
OC_Template::printErrorPage('Service unavailable');
exit; exit;
} }
@ -80,16 +79,15 @@ try {
} catch (Exception $ex) { } catch (Exception $ex) {
if ($ex instanceof \OC\ServiceUnavailableException) { if ($ex instanceof \OC\ServiceUnavailableException) {
OC_Response::setStatus(OC_Response::STATUS_SERVICE_UNAVAILABLE); $status = OC_Response::STATUS_SERVICE_UNAVAILABLE;
} else { } else {
OC_Response::setStatus(OC_Response::STATUS_INTERNAL_SERVER_ERROR); $status = OC_Response::STATUS_INTERNAL_SERVER_ERROR;
} }
//show the user a detailed error page //show the user a detailed error page
\OC::$server->getLogger()->logException($ex, ['app' => 'public']); \OC::$server->getLogger()->logException($ex, ['app' => 'public']);
OC_Template::printExceptionErrorPage($ex); OC_Template::printExceptionErrorPage($ex, $status);
} catch (Error $ex) { } catch (Error $ex) {
//show the user a detailed error page //show the user a detailed error page
OC_Response::setStatus(OC_Response::STATUS_INTERNAL_SERVER_ERROR);
\OC::$server->getLogger()->logException($ex, ['app' => 'public']); \OC::$server->getLogger()->logException($ex, ['app' => 'public']);
OC_Template::printExceptionErrorPage($ex); OC_Template::printExceptionErrorPage($ex, OC_Response::STATUS_INTERNAL_SERVER_ERROR);
} }

6
remote.php
View File

@ -77,12 +77,10 @@ function handleException($e) {
} }
if ($e instanceof RemoteException) { if ($e instanceof RemoteException) {
// we shall not log on RemoteException // we shall not log on RemoteException
OC_Response::setStatus($e->getCode()); OC_Template::printErrorPage($e->getMessage(), '', $e->getCode());
OC_Template::printErrorPage($e->getMessage());
} else { } else {
\OC::$server->getLogger()->logException($e, ['app' => 'remote']); \OC::$server->getLogger()->logException($e, ['app' => 'remote']);
OC_Response::setStatus($statusCode); OC_Template::printExceptionErrorPage($e, $statusCode);
OC_Template::printExceptionErrorPage($e);
} }
} }
} }