From 0ae504aece5fdcf6187cdde82b1c819fbd67a2b8 Mon Sep 17 00:00:00 2001
From: Dan Ungureanu <dan@ungureanu.me>
Date: Sat, 25 Apr 2020 11:47:22 +0300
Subject: [PATCH] FIX: Raise a 4xx error instead of a 5xx if draft data is
 invalid

---
 app/controllers/draft_controller.rb | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/app/controllers/draft_controller.rb b/app/controllers/draft_controller.rb
index d3cc2b731da..22cedd38366 100644
--- a/app/controllers/draft_controller.rb
+++ b/app/controllers/draft_controller.rb
@@ -51,7 +51,13 @@ class DraftController < ApplicationController
 
     json = success_json.merge(draft_sequence: sequence)
 
-    if data = JSON::parse(params[:data])
+    begin
+      data = JSON::parse(params[:data])
+    rescue JSON::ParserError
+      raise Discourse::InvalidParameters.new(:data)
+    end
+
+    if data.present?
       # this is a bit of a kludge we need to remove (all the parsing) too many special cases here
       # we need to catch action edit and action editSharedDraft
       if data["postId"].present? && data["originalText"].present? && data["action"].to_s.start_with?("edit")