forked from indymedia/epicyon
Error handling when reading POST data
parent
d780c3330f
commit
29c8332741
112
daemon.py
112
daemon.py
|
@ -5436,7 +5436,11 @@ class PubServer(BaseHTTPRequestHandler):
|
||||||
if ';' in boundary:
|
if ';' in boundary:
|
||||||
boundary = boundary.split(';')[0]
|
boundary = boundary.split(';')[0]
|
||||||
|
|
||||||
|
try:
|
||||||
postBytes = self.rfile.read(length)
|
postBytes = self.rfile.read(length)
|
||||||
|
except BaseException:
|
||||||
|
print('ERROR: POST postBytes rfile.read failed')
|
||||||
|
return None
|
||||||
|
|
||||||
# second length check from the bytes received
|
# second length check from the bytes received
|
||||||
# since Content-Length could be untruthful
|
# since Content-Length could be untruthful
|
||||||
|
@ -5545,7 +5549,16 @@ class PubServer(BaseHTTPRequestHandler):
|
||||||
self.end_headers()
|
self.end_headers()
|
||||||
self.server.POSTbusy = False
|
self.server.POSTbusy = False
|
||||||
return
|
return
|
||||||
|
|
||||||
|
try:
|
||||||
loginParams = self.rfile.read(length).decode('utf-8')
|
loginParams = self.rfile.read(length).decode('utf-8')
|
||||||
|
except BaseException:
|
||||||
|
print('ERROR: POST rfile.read failed')
|
||||||
|
self.send_response(400)
|
||||||
|
self.end_headers()
|
||||||
|
self.server.POSTbusy = False
|
||||||
|
return
|
||||||
|
|
||||||
loginNickname, loginPassword, register = \
|
loginNickname, loginPassword, register = \
|
||||||
htmlGetLoginCredentials(loginParams, self.server.lastLoginTime)
|
htmlGetLoginCredentials(loginParams, self.server.lastLoginTime)
|
||||||
if loginNickname:
|
if loginNickname:
|
||||||
|
@ -5723,6 +5736,8 @@ class PubServer(BaseHTTPRequestHandler):
|
||||||
postBytes = self.rfile.read(length)
|
postBytes = self.rfile.read(length)
|
||||||
except BaseException:
|
except BaseException:
|
||||||
print('ERROR: failed to read bytes for POST')
|
print('ERROR: failed to read bytes for POST')
|
||||||
|
self.send_response(400)
|
||||||
|
self.end_headers()
|
||||||
self.server.POSTbusy = False
|
self.server.POSTbusy = False
|
||||||
return
|
return
|
||||||
|
|
||||||
|
@ -6308,7 +6323,14 @@ class PubServer(BaseHTTPRequestHandler):
|
||||||
self.server.httpPrefix + '://' + \
|
self.server.httpPrefix + '://' + \
|
||||||
self.server.domainFull + usersPath
|
self.server.domainFull + usersPath
|
||||||
length = int(self.headers['Content-length'])
|
length = int(self.headers['Content-length'])
|
||||||
|
try:
|
||||||
moderationParams = self.rfile.read(length).decode('utf-8')
|
moderationParams = self.rfile.read(length).decode('utf-8')
|
||||||
|
except BaseException:
|
||||||
|
print('ERROR: POST moderationParams rfile.read failed')
|
||||||
|
self.send_response(400)
|
||||||
|
self.end_headers()
|
||||||
|
self.server.POSTbusy = False
|
||||||
|
return
|
||||||
if '&' in moderationParams:
|
if '&' in moderationParams:
|
||||||
moderationText = None
|
moderationText = None
|
||||||
moderationButton = None
|
moderationButton = None
|
||||||
|
@ -6471,7 +6493,14 @@ class PubServer(BaseHTTPRequestHandler):
|
||||||
return
|
return
|
||||||
# get the parameters
|
# get the parameters
|
||||||
length = int(self.headers['Content-length'])
|
length = int(self.headers['Content-length'])
|
||||||
|
try:
|
||||||
questionParams = self.rfile.read(length).decode('utf-8')
|
questionParams = self.rfile.read(length).decode('utf-8')
|
||||||
|
except BaseException:
|
||||||
|
print('ERROR: POST questionParams rfile.read failed')
|
||||||
|
self.send_response(400)
|
||||||
|
self.end_headers()
|
||||||
|
self.server.POSTbusy = False
|
||||||
|
return
|
||||||
questionParams = questionParams.replace('+', ' ')
|
questionParams = questionParams.replace('+', ' ')
|
||||||
questionParams = questionParams.replace('%3F', '')
|
questionParams = questionParams.replace('%3F', '')
|
||||||
questionParams = \
|
questionParams = \
|
||||||
|
@ -6522,7 +6551,14 @@ class PubServer(BaseHTTPRequestHandler):
|
||||||
self.server.httpPrefix + '://' + \
|
self.server.httpPrefix + '://' + \
|
||||||
self.server.domainFull + usersPath
|
self.server.domainFull + usersPath
|
||||||
length = int(self.headers['Content-length'])
|
length = int(self.headers['Content-length'])
|
||||||
|
try:
|
||||||
searchParams = self.rfile.read(length).decode('utf-8')
|
searchParams = self.rfile.read(length).decode('utf-8')
|
||||||
|
except BaseException:
|
||||||
|
print('ERROR: POST searchParams rfile.read failed')
|
||||||
|
self.send_response(400)
|
||||||
|
self.end_headers()
|
||||||
|
self.server.POSTbusy = False
|
||||||
|
return
|
||||||
if 'submitBack=' in searchParams:
|
if 'submitBack=' in searchParams:
|
||||||
# go back on search screen
|
# go back on search screen
|
||||||
if callingDomain.endswith('.onion') and \
|
if callingDomain.endswith('.onion') and \
|
||||||
|
@ -6719,7 +6755,15 @@ class PubServer(BaseHTTPRequestHandler):
|
||||||
self.server.httpPrefix + '://' + \
|
self.server.httpPrefix + '://' + \
|
||||||
self.server.domainFull + usersPath
|
self.server.domainFull + usersPath
|
||||||
length = int(self.headers['Content-length'])
|
length = int(self.headers['Content-length'])
|
||||||
removeShareConfirmParams = self.rfile.read(length).decode('utf-8')
|
try:
|
||||||
|
removeShareConfirmParams = \
|
||||||
|
self.rfile.read(length).decode('utf-8')
|
||||||
|
except BaseException:
|
||||||
|
print('ERROR: POST removeShareConfirmParams rfile.read failed')
|
||||||
|
self.send_response(400)
|
||||||
|
self.end_headers()
|
||||||
|
self.server.POSTbusy = False
|
||||||
|
return
|
||||||
if '&submitYes=' in removeShareConfirmParams:
|
if '&submitYes=' in removeShareConfirmParams:
|
||||||
removeShareConfirmParams = \
|
removeShareConfirmParams = \
|
||||||
removeShareConfirmParams.replace('+', ' ').strip()
|
removeShareConfirmParams.replace('+', ' ').strip()
|
||||||
|
@ -6759,7 +6803,15 @@ class PubServer(BaseHTTPRequestHandler):
|
||||||
self.server.httpPrefix + '://' + \
|
self.server.httpPrefix + '://' + \
|
||||||
self.server.domainFull + usersPath
|
self.server.domainFull + usersPath
|
||||||
length = int(self.headers['Content-length'])
|
length = int(self.headers['Content-length'])
|
||||||
removePostConfirmParams = self.rfile.read(length).decode('utf-8')
|
try:
|
||||||
|
removePostConfirmParams = \
|
||||||
|
self.rfile.read(length).decode('utf-8')
|
||||||
|
except BaseException:
|
||||||
|
print('ERROR: POST removePostConfirmParams rfile.read failed')
|
||||||
|
self.send_response(400)
|
||||||
|
self.end_headers()
|
||||||
|
self.server.POSTbusy = False
|
||||||
|
return
|
||||||
if '&submitYes=' in removePostConfirmParams:
|
if '&submitYes=' in removePostConfirmParams:
|
||||||
removePostConfirmParams = \
|
removePostConfirmParams = \
|
||||||
urllib.parse.unquote(removePostConfirmParams)
|
urllib.parse.unquote(removePostConfirmParams)
|
||||||
|
@ -6833,7 +6885,14 @@ class PubServer(BaseHTTPRequestHandler):
|
||||||
self.server.domainFull + usersPath
|
self.server.domainFull + usersPath
|
||||||
followerNickname = getNicknameFromActor(originPathStr)
|
followerNickname = getNicknameFromActor(originPathStr)
|
||||||
length = int(self.headers['Content-length'])
|
length = int(self.headers['Content-length'])
|
||||||
|
try:
|
||||||
followConfirmParams = self.rfile.read(length).decode('utf-8')
|
followConfirmParams = self.rfile.read(length).decode('utf-8')
|
||||||
|
except BaseException:
|
||||||
|
print('ERROR: POST followConfirmParams rfile.read failed')
|
||||||
|
self.send_response(400)
|
||||||
|
self.end_headers()
|
||||||
|
self.server.POSTbusy = False
|
||||||
|
return
|
||||||
if '&submitView=' in followConfirmParams:
|
if '&submitView=' in followConfirmParams:
|
||||||
followingActor = \
|
followingActor = \
|
||||||
urllib.parse.unquote(followConfirmParams)
|
urllib.parse.unquote(followConfirmParams)
|
||||||
|
@ -6897,7 +6956,14 @@ class PubServer(BaseHTTPRequestHandler):
|
||||||
self.server.domainFull + usersPath
|
self.server.domainFull + usersPath
|
||||||
followerNickname = getNicknameFromActor(originPathStr)
|
followerNickname = getNicknameFromActor(originPathStr)
|
||||||
length = int(self.headers['Content-length'])
|
length = int(self.headers['Content-length'])
|
||||||
|
try:
|
||||||
followConfirmParams = self.rfile.read(length).decode('utf-8')
|
followConfirmParams = self.rfile.read(length).decode('utf-8')
|
||||||
|
except BaseException:
|
||||||
|
print('ERROR: POST followConfirmParams rfile.read failed')
|
||||||
|
self.send_response(400)
|
||||||
|
self.end_headers()
|
||||||
|
self.server.POSTbusy = False
|
||||||
|
return
|
||||||
if '&submitYes=' in followConfirmParams:
|
if '&submitYes=' in followConfirmParams:
|
||||||
followingActor = \
|
followingActor = \
|
||||||
urllib.parse.unquote(followConfirmParams)
|
urllib.parse.unquote(followConfirmParams)
|
||||||
|
@ -6973,7 +7039,14 @@ class PubServer(BaseHTTPRequestHandler):
|
||||||
self.server.POSTbusy = False
|
self.server.POSTbusy = False
|
||||||
return
|
return
|
||||||
length = int(self.headers['Content-length'])
|
length = int(self.headers['Content-length'])
|
||||||
|
try:
|
||||||
blockConfirmParams = self.rfile.read(length).decode('utf-8')
|
blockConfirmParams = self.rfile.read(length).decode('utf-8')
|
||||||
|
except BaseException:
|
||||||
|
print('ERROR: POST blockConfirmParams rfile.read failed')
|
||||||
|
self.send_response(400)
|
||||||
|
self.end_headers()
|
||||||
|
self.server.POSTbusy = False
|
||||||
|
return
|
||||||
if '&submitYes=' in blockConfirmParams:
|
if '&submitYes=' in blockConfirmParams:
|
||||||
blockingActor = \
|
blockingActor = \
|
||||||
urllib.parse.unquote(blockConfirmParams)
|
urllib.parse.unquote(blockConfirmParams)
|
||||||
|
@ -7052,7 +7125,14 @@ class PubServer(BaseHTTPRequestHandler):
|
||||||
self.server.POSTbusy = False
|
self.server.POSTbusy = False
|
||||||
return
|
return
|
||||||
length = int(self.headers['Content-length'])
|
length = int(self.headers['Content-length'])
|
||||||
|
try:
|
||||||
blockConfirmParams = self.rfile.read(length).decode('utf-8')
|
blockConfirmParams = self.rfile.read(length).decode('utf-8')
|
||||||
|
except BaseException:
|
||||||
|
print('ERROR: POST blockConfirmParams rfile.read failed')
|
||||||
|
self.send_response(400)
|
||||||
|
self.end_headers()
|
||||||
|
self.server.POSTbusy = False
|
||||||
|
return
|
||||||
if '&submitYes=' in blockConfirmParams:
|
if '&submitYes=' in blockConfirmParams:
|
||||||
blockingActor = \
|
blockingActor = \
|
||||||
urllib.parse.unquote(blockConfirmParams)
|
urllib.parse.unquote(blockConfirmParams)
|
||||||
|
@ -7133,7 +7213,14 @@ class PubServer(BaseHTTPRequestHandler):
|
||||||
self.server.POSTbusy = False
|
self.server.POSTbusy = False
|
||||||
return
|
return
|
||||||
length = int(self.headers['Content-length'])
|
length = int(self.headers['Content-length'])
|
||||||
|
try:
|
||||||
optionsConfirmParams = self.rfile.read(length).decode('utf-8')
|
optionsConfirmParams = self.rfile.read(length).decode('utf-8')
|
||||||
|
except BaseException:
|
||||||
|
print('ERROR: POST optionsConfirmParams rfile.read failed')
|
||||||
|
self.send_response(400)
|
||||||
|
self.end_headers()
|
||||||
|
self.server.POSTbusy = False
|
||||||
|
return
|
||||||
optionsConfirmParams = \
|
optionsConfirmParams = \
|
||||||
urllib.parse.unquote(optionsConfirmParams)
|
urllib.parse.unquote(optionsConfirmParams)
|
||||||
# page number to return to
|
# page number to return to
|
||||||
|
@ -7456,7 +7543,14 @@ class PubServer(BaseHTTPRequestHandler):
|
||||||
self._404()
|
self._404()
|
||||||
self.server.POSTbusy = False
|
self.server.POSTbusy = False
|
||||||
return
|
return
|
||||||
|
try:
|
||||||
mediaBytes = self.rfile.read(length)
|
mediaBytes = self.rfile.read(length)
|
||||||
|
except BaseException:
|
||||||
|
print('ERROR: POST mediaBytes rfile.read failed')
|
||||||
|
self.send_response(400)
|
||||||
|
self.end_headers()
|
||||||
|
self.server.POSTbusy = False
|
||||||
|
return
|
||||||
mediaFilenameBase = accountsDir + '/upload'
|
mediaFilenameBase = accountsDir + '/upload'
|
||||||
mediaFilename = mediaFilenameBase + '.png'
|
mediaFilename = mediaFilenameBase + '.png'
|
||||||
if self.headers['Content-type'].endswith('jpeg'):
|
if self.headers['Content-type'].endswith('jpeg'):
|
||||||
|
@ -7482,7 +7576,14 @@ class PubServer(BaseHTTPRequestHandler):
|
||||||
print(str(self.headers))
|
print(str(self.headers))
|
||||||
length = int(self.headers['Content-length'])
|
length = int(self.headers['Content-length'])
|
||||||
if length < self.server.maxPostLength:
|
if length < self.server.maxPostLength:
|
||||||
|
try:
|
||||||
unknownPost = self.rfile.read(length).decode('utf-8')
|
unknownPost = self.rfile.read(length).decode('utf-8')
|
||||||
|
except BaseException:
|
||||||
|
print('ERROR: POST unknownPost rfile.read failed')
|
||||||
|
self.send_response(400)
|
||||||
|
self.end_headers()
|
||||||
|
self.server.POSTbusy = False
|
||||||
|
return
|
||||||
print(str(unknownPost))
|
print(str(unknownPost))
|
||||||
self._400()
|
self._400()
|
||||||
self.server.POSTbusy = False
|
self.server.POSTbusy = False
|
||||||
|
@ -7509,7 +7610,14 @@ class PubServer(BaseHTTPRequestHandler):
|
||||||
self.server.POSTbusy = False
|
self.server.POSTbusy = False
|
||||||
return
|
return
|
||||||
|
|
||||||
|
try:
|
||||||
messageBytes = self.rfile.read(length)
|
messageBytes = self.rfile.read(length)
|
||||||
|
except BaseException:
|
||||||
|
print('ERROR: POST messageBytes rfile.read failed')
|
||||||
|
self.send_response(400)
|
||||||
|
self.end_headers()
|
||||||
|
self.server.POSTbusy = False
|
||||||
|
return
|
||||||
|
|
||||||
# check content length after reading bytes
|
# check content length after reading bytes
|
||||||
if self.path == '/sharedInbox' or self.path == '/inbox':
|
if self.path == '/sharedInbox' or self.path == '/inbox':
|
||||||
|
|
Loading…
Reference in New Issue