Discource-C
/
discourse
mirror of https://github.com/discourse/discourse.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
discourse/spec/integration
History
David Taylor 64be371749
DEV: Improve handling of invalid requests (#15841) 
Our discourse_public_exceptions middleware is designed to catch bubbled exceptions from lower in the stack, and then use `ApplicationController.rescue_with_handler` to render an appropriate error response.

When the request itself is invalid, we had an escape-hatch to skip re-dispatching the request to ApplicationController. However, it was possible to work around this by 'layering' the errors. For example, if you made a request which resulted in a 404, but **also** had some other invalidity, the escape hatch would not be triggered.

This commit ensures that these kind of 'layered' errors are properly handled, without logging warnings. It also adds detection for invalid JSON bodies and badly-formed multipart requests.

The user-facing behavior is unchanged. This commit simply prevents warnings being logged for invalid requests.
 		2022-02-07 13:16:57 +00:00
..
api_keys_spec.rb DEV: Make add_api_parameter_route parameter deprecations errors (#15198) 2021-12-06 09:10:14 -06:00
auto_reject_reviewable_users_spec.rb FIX: do not send rejection emails to auto-deleted reviewable users (#12160) 2021-02-22 18:37:47 +05:30
category_tag_spec.rb FEATURE: Tag synonyms 2019-12-04 13:33:51 -05:00
content_security_policy_spec.rb FIX: Allow CSP to work correctly for non-default hostnames/schemes (#9180) 2020-03-19 19:54:42 +00:00
email_style_spec.rb FIX: Pluralized translation overrides didn't work for en_US 2020-08-29 00:11:46 +02:00
flags_spec.rb DEV: use #frozen_string_literal: true on all spec 2019-04-30 10:27:42 +10:00
group_spec.rb UX: Include public groups in mentionable groups set (#8516) 2019-12-12 13:13:40 +02:00
invalid_request_spec.rb DEV: Improve handling of invalid requests (#15841) 2022-02-07 13:16:57 +00:00
invite_only_registration_spec.rb DEV: Use `response.parsed_body` in specs (#9615) 2020-05-07 17:04:12 +02:00
message_bus_spec.rb SECURITY: Restrict message-bus access on login_required sites 2019-08-14 09:43:12 +01:00
multisite_cookies_spec.rb SECURITY: Ensure _forum_session cookies cannot be reused between sites (#14950) 2021-11-15 15:50:12 +00:00
multisite_spec.rb DEV: Improve multisite testing (#14884) 2021-11-11 16:44:58 +00:00
rate_limiting_spec.rb FEATURE: Add global admin api key rate limiter (#12527) 2021-06-03 10:52:43 +01:00
same_ip_spammers_spec.rb DEV: use #frozen_string_literal: true on all spec 2019-04-30 10:27:42 +10:00
spam_rules_spec.rb Migrate score settings to use sensitivities 2019-05-24 15:44:24 -04:00
topic_auto_close_spec.rb FIX: Auto close topic from category settings based on topic created_at (#12082) 2021-02-17 07:51:39 +10:00
topic_thumbnail_spec.rb FIX: Make thumbnail tests start with a clean slate (#15216) 2021-12-07 13:07:45 -06:00
watched_words_spec.rb SECURITY: Escape watched word in error message (#14434) 2021-09-24 11:55:15 +03:00