From 864630e985d90295bf09637585da31979dbf2744 Mon Sep 17 00:00:00 2001 From: Ryan Shaw Date: Tue, 26 Sep 2023 12:45:19 -0400 Subject: [PATCH 1/3] enable skipping slow translation tests --- Makefile | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/Makefile b/Makefile index bbf5e80..e633005 100644 --- a/Makefile +++ b/Makefile @@ -4,6 +4,7 @@ PYTEST := $(VENV_DIR)/bin/pytest FLASK := $(VENV_DIR)/bin/flask DB := ./db.sqlite SERVER_VERSION := $(shell git describe | cut -c 2-) +SKIP_TRANSLATION ?= false .PHONY: all all: $(DB) @@ -54,7 +55,7 @@ clean: .PHONY: test test: | $(PYTHON3) - TESTING=1 $(PYTEST) test -x + TESTING=1 SKIP_TRANSLATION=$(SKIP_TRANSLATION) $(PYTEST) test -x .PHONY: run run: test From a495be9b720a8f865744c4b6bf591837de72089c Mon Sep 17 00:00:00 2001 From: Ryan Shaw Date: Tue, 26 Sep 2023 12:47:11 -0400 Subject: [PATCH 2/3] add custom 404 handler --- periodo/__init__.py | 21 ++++++++++++++++++++- 1 file changed, 20 insertions(+), 1 deletion(-) diff --git a/periodo/__init__.py b/periodo/__init__.py index a663994..e0ca65a 100644 --- a/periodo/__init__.py +++ b/periodo/__init__.py @@ -4,8 +4,9 @@ import logging from uuid import UUID from logging.config import dictConfig -from flask import Flask, make_response, g from flask_principal import Principal, identity_loaded +from flask import Flask, make_response, g, request +from werkzeug.exceptions import NotFound from werkzeug.http import http_date from werkzeug.middleware.proxy_fix import ProxyFix from werkzeug.routing import BaseConverter @@ -149,6 +150,24 @@ def add_server_version_header(response): import periodo.auth # noqa: E402 import periodo.database # noqa: E402 +import periodo.highlight # noqa: E402 + + +@app.errorhandler(NotFound) +def handle_not_found_error(_): + message = { + "code": 404, + "status": "Not Found", + "message": f"{request.path[1:]} is not a valid PeriodO identifier. Perhaps you followed a broken link?", + } + if request.accept_mimetypes.best == "application/json": + return make_response( + json.dumps(message), + 404, + {"Content-Type": "application/json"}, + ) + else: + return make_response(periodo.highlight.as_json(message), 404) @app.errorhandler(periodo.auth.AuthenticationFailed) From aee6c9bc426461bfa12e4a53e46e542c2eed4e70 Mon Sep 17 00:00:00 2001 From: Ryan Shaw Date: Tue, 26 Sep 2023 13:27:13 -0400 Subject: [PATCH 3/3] sanitize path before showing it in error message --- periodo/__init__.py | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/periodo/__init__.py b/periodo/__init__.py index e0ca65a..8af35f5 100644 --- a/periodo/__init__.py +++ b/periodo/__init__.py @@ -1,4 +1,5 @@ import os +import re import json import rdflib import logging @@ -155,10 +156,11 @@ def add_server_version_header(response): @app.errorhandler(NotFound) def handle_not_found_error(_): + sanitized_path = re.sub(r"[^./a-z0-9]", r"", request.path[1:], flags=re.IGNORECASE) message = { "code": 404, "status": "Not Found", - "message": f"{request.path[1:]} is not a valid PeriodO identifier. Perhaps you followed a broken link?", + "message": f"{sanitized_path} is not a valid PeriodO identifier. Perhaps you followed a broken link?", } if request.accept_mimetypes.best == "application/json": return make_response(