github-mirror/discourse
2
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2024-11-23 02:19:27 +08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

FIX: avoid superflous logging when mime type is bad

Browse Source 
Many security scanners ship invalid mime types, this ensures we return
a very cheap response to the clients and do not log anything.

Previous attempt still re-dispatched the request to get proper error page
but in this specific case we want no error page.
This commit is contained in:
Sam Saffron 2020-01-02 12:34:38 +11:00
parent 34ede90927
commit a9f90cdec3
1 changed files with 2 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
lib/middleware/discourse_public_exceptions.rb
View File

@ -31,12 +31,11 @@ module Middleware
fake_controller.response = response fake_controller.response = response
fake_controller.request = request = ActionDispatch::Request.new(env) fake_controller.request = request = ActionDispatch::Request.new(env)
# We can not re-dispatch bad mime types
begin begin
request.format request.format
rescue Mime::Type::InvalidMimeType rescue Mime::Type::InvalidMimeType
# got to do something here, we can not ship invalid format return [400, {}, ["Invalid MIME type"]]
# to the exception handler cause it will explode
request.format = "html"
end end
if ApplicationController.rescue_with_handler(exception, object: fake_controller) if ApplicationController.rescue_with_handler(exception, object: fake_controller)