From 3caf10aa266db7d71dd52614915ae46a5f133fef Mon Sep 17 00:00:00 2001 From: Vika Date: Sun, 10 Jul 2022 14:54:47 +0300 Subject: micropub: handle invalid/empty query properly On query parsing error, this will return a MicropubError. --- kittybox-rs/src/micropub/mod.rs | 22 ++++++++++++++++------ 1 file changed, 16 insertions(+), 6 deletions(-) diff --git a/kittybox-rs/src/micropub/mod.rs b/kittybox-rs/src/micropub/mod.rs index 1d81505..3328597 100644 --- a/kittybox-rs/src/micropub/mod.rs +++ b/kittybox-rs/src/micropub/mod.rs @@ -225,8 +225,7 @@ pub(crate) async fn _post( http: reqwest::Client, ) -> Result { // Here, we have the following guarantees: - // - The user is the same user for this host (guaranteed by ensure_same_user) - // - The MF2-JSON document is normalized (guaranteed by normalize_mf2)\ + // - The MF2-JSON document is normalized (guaranteed by normalize_mf2) // - The MF2-JSON document contains a UID // - The MF2-JSON document's URL list contains its UID // - The MF2-JSON document's "content" field contains an HTML blob, if present @@ -300,7 +299,7 @@ pub(crate) async fn _post( } let reply = - IntoResponse::into_response((StatusCode::ACCEPTED, [("Location", uid.as_str())], ())); + IntoResponse::into_response((StatusCode::ACCEPTED, [("Location", uid.as_str())])); tokio::task::spawn(background_processing(db, mf2, http)); @@ -492,11 +491,22 @@ pub async fn post( } } +#[tracing::instrument(skip(db))] pub async fn query( Extension(db): Extension, - Query(query): Query, + query: Option>, user: User, ) -> axum::response::Response { + // We handle the invalid query case manually to return a + // MicropubError instead of HTTP 422 + if query.is_none() { + return MicropubError::new( + ErrorType::InvalidRequest, + "Invalid query provided. Try ?q=config to see what you can do." + ).into_response(); + } + let query: MicropubQuery = query.unwrap().0; + let host = axum::http::Uri::try_from(user.me.as_str()) .unwrap() .authority() @@ -739,9 +749,9 @@ mod tests { async fn test_query_foreign_url() { let mut res = super::query( axum::Extension(crate::database::MemoryStorage::new()), - axum::extract::Query(super::MicropubQuery::source( + Some(axum::extract::Query(super::MicropubQuery::source( "https://aaronparecki.com/feeds/main", - )), + ))), User::new( "https://fireburn.ru/", "https://quill.p3k.io/", -- cgit 1.4.1