From 918b4c28ed34b17b32006e5950fe7f34fc40d103 Mon Sep 17 00:00:00 2001 From: Terrtia Date: Wed, 31 Jul 2019 13:24:43 +0200 Subject: [PATCH] fix: [api] fix errors handler 404 405, return json --- bin/packages/Import_helper.py | 2 +- var/www/Flask_server.py | 17 ++++++++++++++++- var/www/modules/restApi/Flask_restApi.py | 2 +- 3 files changed, 18 insertions(+), 3 deletions(-) diff --git a/bin/packages/Import_helper.py b/bin/packages/Import_helper.py index 3ce4406f..0b7fdfb8 100755 --- a/bin/packages/Import_helper.py +++ b/bin/packages/Import_helper.py @@ -49,7 +49,7 @@ def check_import_status(UUID): processing = r_serv_log_submit.get(UUID + ':processing') if not processing: - return ({'status': 'error', 'reason': 'Unknow uuid'}, 400) + return ({'status': 'error', 'reason': 'Unknown uuid'}, 400) # nb_total = r_serv_log_submit.get(UUID + ':nb_total') # nb_sucess = r_serv_log_submit.get(UUID + ':nb_sucess') diff --git a/var/www/Flask_server.py b/var/www/Flask_server.py index 5f8d52b2..c4d3c3c9 100755 --- a/var/www/Flask_server.py +++ b/var/www/Flask_server.py @@ -5,6 +5,7 @@ import os import re import sys import ssl +import json import time import redis @@ -13,7 +14,7 @@ import logging import logging.handlers import configparser -from flask import Flask, render_template, jsonify, request, Request, session, redirect, url_for +from flask import Flask, render_template, jsonify, request, Request, Response, session, redirect, url_for from flask_login import LoginManager, current_user, login_user, logout_user, login_required import bcrypt @@ -291,7 +292,21 @@ def searchbox(): # ========== ERROR HANDLER ============ +@app.errorhandler(405) +def _handle_client_error(e): + if request.path.startswith('/api/'): + return Response(json.dumps({"status": "error", "reason": "Method Not Allowed: The method is not allowed for the requested URL"}, indent=2, sort_keys=True), mimetype='application/json'), 405 + else: + return e + @app.errorhandler(404) +def error_page_not_found(e): + if request.path.startswith('/api/'): + return Response(json.dumps({"status": "error", "reason": "404 Not Found"}, indent=2, sort_keys=True), mimetype='application/json'), 404 + else: + # avoid endpoint enumeration + return page_not_found(e) + @login_required def page_not_found(e): # avoid endpoint enumeration diff --git a/var/www/modules/restApi/Flask_restApi.py b/var/www/modules/restApi/Flask_restApi.py index 727cd524..673b83c6 100644 --- a/var/www/modules/restApi/Flask_restApi.py +++ b/var/www/modules/restApi/Flask_restApi.py @@ -627,7 +627,7 @@ def import_item_uuid(UUID): HTTP Status Code: 400 {'status': 'error', 'reason': 'Invalid uuid'} - {'status': 'error', 'reason': 'Unknow uuid'} + {'status': 'error', 'reason': 'Unknown uuid'} """