Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Refine granularity of 400 and 502 error diagnostics #1151

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Refine granularity of 400 and 502 error diagnostics #1151

wants to merge 1 commit into from
+183 −106

Conversation

Wonshtrum
Copy link
Member

Follow up to #1143 and #1150.
This splits the DETAILS variable of errors 400 and 502 into 3 hexadecimal buffers SUCCESSFULLY_PARSED, PARTIALLY_PARSED, and INVALID. This avoids any XSS attacks from this variable. The last valid header/trailer/cookie has also been removed from MESSAGE.
The new 400 and 502 use JavaScript to display the hexadecimal buffers as utf-8 (using the safe innerText) and hopefully help the client fix the problem:
image

@Wonshtrum Wonshtrum force-pushed the answer-granularity branch 2 times, most recently from e65c9c1 to bb7535f Compare November 7, 2024 13:10
@Keksoj
Copy link
Member

Keksoj commented Nov 7, 2024

should solve #1150

@Wonshtrum Wonshtrum force-pushed the answer-granularity branch 2 times, most recently from 18ada37 to 1f2b2b1 Compare November 7, 2024 15:07
llenotre
llenotre approved these changes Nov 7, 2024
View reviewed changes
Copy link

@llenotre llenotre left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

looks good to me

Keksoj
Keksoj approved these changes Nov 7, 2024
View reviewed changes
Copy link
Member

@Keksoj Keksoj left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

you could remove some commented code but otherwise this is exactly what we need!

lib/src/protocol/kawa_h1/diagnostics.rs Outdated
format!("The first {marker} is invalid, make sure {CHARSET}.")
}
format!("A {marker} is invalid, make sure {CHARSET}.")
// if let Some(Block::Header(Pair { key, .. })) = kawa.blocks.back() {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

maybe delete these lines entirely?

lib/src/protocol/kawa_h1/diagnostics.rs Outdated
} else {
format!("The first cookie is invalid, make sure {CHARSET}.")
}
// if kawa.detached.jar.len() > 1 {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

same remark

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@llenotre llenotre llenotre approved these changes

@Keksoj Keksoj Keksoj approved these changes

@FlorentinDUBOIS FlorentinDUBOIS Awaiting requested review from FlorentinDUBOIS FlorentinDUBOIS is a code owner

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@Wonshtrum @Keksoj @llenotre