forked from midou/invidious
Add backtraces to errors (#1498)
Error handling has been reworked to always go through the new `error_template`, `error_json` and `error_atom` macros. They all accept a status code followed by a string message or an exception object. `error_json` accepts a hash with additional fields as third argument. If the second argument is an exception a backtrace will be printed, if it is a string only the string is printed. Since up till now only the exception message was printed a new `InfoException` class was added for situations where no backtrace is intended but a string cannot be used. `error_template` with a string message automatically localizes the message. Missing error translations have been collected in https://github.com/iv-org/invidious/issues/1497 `error_json` with a string message does not localize the message. This is the same as previous behavior. If translations are desired for `error_json` they can be added easily but those error messages have not been collected yet. Uncaught exceptions previously only printed a generic message ("Looks like you've found a bug in Invidious. [...]"). They still print that message but now also include a backtrace.
This commit is contained in:
saltycrys
GitHub
90
src/invidious/helpers/errors.cr
Normal file
90
src/invidious/helpers/errors.cr
Normal file
@@ -0,0 +1,90 @@
|
||||
# InfoExceptions are for displaying information to the user.
|
||||
#
|
||||
# An InfoException might or might not indicate that something went wrong.
|
||||
# Historically Invidious didn't differentiate between these two options, so to
|
||||
# maintain previous functionality InfoExceptions do not print backtraces.
|
||||
class InfoException < Exception
|
||||
end
|
||||
|
||||
macro error_template(*args)
|
||||
error_template_helper(env, config, locale, {{*args}})
|
||||
end
|
||||
|
||||
def error_template_helper(env : HTTP::Server::Context, config : Config, locale : Hash(String, JSON::Any) | Nil, status_code : Int32, exception : Exception)
|
||||
if exception.is_a?(InfoException)
|
||||
return error_template_helper(env, config, locale, status_code, exception.message || "")
|
||||
end
|
||||
env.response.status_code = status_code
|
||||
error_message = <<-END_HTML
|
||||
Looks like you've found a bug in Invidious. Feel free to open a new issue
|
||||
<a href="https://github.com/iv-org/invidious/issues">here</a>
|
||||
or send an email to
|
||||
<a href="mailto:#{CONFIG.admin_email}">#{CONFIG.admin_email}</a>.
|
||||
<br>
|
||||
<br>
|
||||
<br>
|
||||
Please include the following text in your message:
|
||||
<pre style="padding: 20px; background: rgba(0, 0, 0, 0.12345);">#{exception.inspect_with_backtrace}</pre>
|
||||
END_HTML
|
||||
return templated "error"
|
||||
end
|
||||
|
||||
def error_template_helper(env : HTTP::Server::Context, config : Config, locale : Hash(String, JSON::Any) | Nil, status_code : Int32, message : String)
|
||||
env.response.status_code = status_code
|
||||
error_message = translate(locale, message)
|
||||
return templated "error"
|
||||
end
|
||||
|
||||
macro error_atom(*args)
|
||||
error_atom_helper(env, config, locale, {{*args}})
|
||||
end
|
||||
|
||||
def error_atom_helper(env : HTTP::Server::Context, config : Config, locale : Hash(String, JSON::Any) | Nil, status_code : Int32, exception : Exception)
|
||||
if exception.is_a?(InfoException)
|
||||
return error_atom_helper(env, config, locale, status_code, exception.message || "")
|
||||
end
|
||||
env.response.content_type = "application/atom+xml"
|
||||
env.response.status_code = status_code
|
||||
return "<error>#{exception.inspect_with_backtrace}</error>"
|
||||
end
|
||||
|
||||
def error_atom_helper(env : HTTP::Server::Context, config : Config, locale : Hash(String, JSON::Any) | Nil, status_code : Int32, message : String)
|
||||
env.response.content_type = "application/atom+xml"
|
||||
env.response.status_code = status_code
|
||||
return "<error>#{message}</error>"
|
||||
end
|
||||
|
||||
macro error_json(*args)
|
||||
error_json_helper(env, config, locale, {{*args}})
|
||||
end
|
||||
|
||||
def error_json_helper(env : HTTP::Server::Context, config : Config, locale : Hash(String, JSON::Any) | Nil, status_code : Int32, exception : Exception, additional_fields : Hash(String, Object) | Nil)
|
||||
if exception.is_a?(InfoException)
|
||||
return error_json_helper(env, config, locale, status_code, exception.message || "", additional_fields)
|
||||
end
|
||||
env.response.content_type = "application/json"
|
||||
env.response.status_code = status_code
|
||||
error_message = {"error" => exception.message, "errorBacktrace" => exception.inspect_with_backtrace}
|
||||
if additional_fields
|
||||
error_message = error_message.merge(additional_fields)
|
||||
end
|
||||
return error_message.to_json
|
||||
end
|
||||
|
||||
def error_json_helper(env : HTTP::Server::Context, config : Config, locale : Hash(String, JSON::Any) | Nil, status_code : Int32, exception : Exception)
|
||||
return error_json_helper(env, config, locale, status_code, exception, nil)
|
||||
end
|
||||
|
||||
def error_json_helper(env : HTTP::Server::Context, config : Config, locale : Hash(String, JSON::Any) | Nil, status_code : Int32, message : String, additional_fields : Hash(String, Object) | Nil)
|
||||
env.response.content_type = "application/json"
|
||||
env.response.status_code = status_code
|
||||
error_message = {"error" => message}
|
||||
if additional_fields
|
||||
error_message = error_message.merge(additional_fields)
|
||||
end
|
||||
return error_message.to_json
|
||||
end
|
||||
|
||||
def error_json_helper(env : HTTP::Server::Context, config : Config, locale : Hash(String, JSON::Any) | Nil, status_code : Int32, message : String)
|
||||
error_json_helper(env, config, locale, status_code, message, nil)
|
||||
end
|
||||
@@ -70,33 +70,33 @@ def validate_request(token, session, request, key, db, locale = nil)
|
||||
when JSON::Any
|
||||
token = token.as_h
|
||||
when Nil
|
||||
raise translate(locale, "Hidden field \"token\" is a required field")
|
||||
raise InfoException.new("Hidden field \"token\" is a required field")
|
||||
end
|
||||
|
||||
expire = token["expire"]?.try &.as_i
|
||||
if expire.try &.< Time.utc.to_unix
|
||||
raise translate(locale, "Token is expired, please try again")
|
||||
raise InfoException.new("Token is expired, please try again")
|
||||
end
|
||||
|
||||
if token["session"] != session
|
||||
raise translate(locale, "Erroneous token")
|
||||
raise InfoException.new("Erroneous token")
|
||||
end
|
||||
|
||||
scopes = token["scopes"].as_a.map { |v| v.as_s }
|
||||
scope = "#{request.method}:#{request.path.lchop("/api/v1/auth/").lstrip("/")}"
|
||||
if !scopes_include_scope(scopes, scope)
|
||||
raise translate(locale, "Invalid scope")
|
||||
raise InfoException.new("Invalid scope")
|
||||
end
|
||||
|
||||
if !Crypto::Subtle.constant_time_compare(token["signature"].to_s, sign_token(key, token))
|
||||
raise translate(locale, "Invalid signature")
|
||||
raise InfoException.new("Invalid signature")
|
||||
end
|
||||
|
||||
if token["nonce"]? && (nonce = db.query_one?("SELECT * FROM nonces WHERE nonce = $1", token["nonce"], as: {String, Time}))
|
||||
if nonce[1] > Time.utc
|
||||
db.exec("UPDATE nonces SET expire = $1 WHERE nonce = $2", Time.utc(1990, 1, 1), nonce[0])
|
||||
else
|
||||
raise translate(locale, "Erroneous token")
|
||||
raise InfoException.new("Erroneous token")
|
||||
end
|
||||
end
|
||||
|
||||
|
||||
Reference in New Issue
Block a user