gaschz/trilium
1
0
Fork 0
mirror of https://github.com/zadam/trilium.git synced 2025-03-01 14:22:32 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity

set correct content type for error messages

Browse Source
This commit is contained in:
zadam 2022-07-01 00:01:29 +02:00
parent fac9fef652
commit 3faae63b84
9 changed files with 71 additions and 27 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
package-lock.json generated
View File

@ -1,12 +1,12 @@
{
"name": "trilium",
"version": "0.52.1-beta",
"version": "0.52.3",
"lockfileVersion": 2,
"requires": true,
"packages": {
"": {
"name": "trilium",
"version": "0.52.1-beta",
"version": "0.52.3",
"hasInstallScript": true,
"license": "AGPL-3.0-only",
"dependencies": {

8
src/routes/api/export.js
View File

@ -15,7 +15,9 @@ function exportBranch(req, res) {
const message = `Cannot export branch ${branchId} since it does not exist.`;
log.error(message);
res.status(500).send(message);
res.setHeader("Content-Type", "text/plain")
.status(500)
.send(message);
return;
}
@ -41,7 +43,9 @@ function exportBranch(req, res) {
log.error(message + e.stack);
res.status(500).send(message);
res.setHeader("Content-Type", "text/plain")
.status(500)
.send(message);
}
}

4
src/routes/api/files.js
View File

@ -48,7 +48,9 @@ function downloadNoteFile(noteId, res, contentDisposition = true) {
const note = becca.getNote(noteId);
if (!note) {
return res.status(404).send(`Note ${noteId} doesn't exist.`);
return res.setHeader("Content-Type", "text/plain")
.status(404)
.send(`Note ${noteId} doesn't exist.`);
}
if (note.isProtected && !protectedSessionService.isProtectedSessionAvailable()) {

8
src/routes/api/image.js
View File

@ -20,20 +20,22 @@ function returnImage(req, res) {
}
/**
* special "image" type. the canvas is actually type application/json
* special "image" type. the canvas is actually type application/json
* to avoid bitrot and enable usage as referenced image the svg is included.
*/
if (image.type === 'canvas') {
const content = image.getContent();
try {
const data = JSON.parse(content);
const svg = data.svg || '<svg />'
res.set('Content-Type', "image/svg+xml");
res.set("Cache-Control", "no-cache, no-store, must-revalidate");
res.send(svg);
} catch(err) {
res.status(500).send("there was an error parsing excalidraw to svg");
res.setHeader("Content-Type", "text/plain")
.status(500)
.send("there was an error parsing excalidraw to svg");
}
} else {
res.set('Content-Type', image.mime);

8
src/routes/api/note_revisions.js
View File

@ -65,11 +65,15 @@ function downloadNoteRevision(req, res) {
const noteRevision = becca.getNoteRevision(req.params.noteRevisionId);
if (noteRevision.noteId !== req.params.noteId) {
return res.status(400).send(`Note revision ${req.params.noteRevisionId} does not belong to note ${req.params.noteId}`);
return res.setHeader("Content-Type", "text/plain")
.status(400)
.send(`Note revision ${req.params.noteRevisionId} does not belong to note ${req.params.noteId}`);
}
if (noteRevision.isProtected && !protectedSessionService.isProtectedSessionAvailable()) {
return res.status(401).send("Protected session not available");
return res.setHeader("Content-Type", "text/plain")
.status(401)
.send("Protected session not available");
}
const filename = getRevisionFilename(noteRevision);

8
src/routes/custom.js
View File

@ -49,7 +49,9 @@ function handleRequest(req, res) {
catch (e) {
log.error(`Custom handler ${note.noteId} failed with ${e.message}`);
res.status(500).send(e.message);
res.setHeader("Content-Type", "text/plain")
.status(500)
.send(e.message);
}
}
else if (attr.name === 'customResourceProvider') {
@ -65,7 +67,9 @@ function handleRequest(req, res) {
const message = `No handler matched for custom ${path} request.`;
log.info(message);
res.status(404).send(message);
res.setHeader("Content-Type", "text/plain")
.status(404)
.send(message);
}
function register(router) {

12
src/routes/routes.js
View File

@ -120,6 +120,10 @@ function apiResultHandler(req, res, result) {
function send(res, statusCode, response) {
if (typeof response === 'string') {
if (statusCode >= 400) {
res.setHeader("Content-Type", "text/plain");
}
res.status(statusCode).send(response);
return response.length;
@ -167,7 +171,9 @@ function route(method, path, middleware, routeHandler, resultHandler, transactio
.catch(e => {
log.error(`${method} ${path} threw exception: ` + e.stack);
res.status(500).send(e.message);
res.setHeader("Content-Type", "text/plain")
.status(500)
.send(e.message);
});
}
else {
@ -180,7 +186,9 @@ function route(method, path, middleware, routeHandler, resultHandler, transactio
catch (e) {
log.error(`${method} ${path} threw exception: ` + e.stack);
res.status(500).send(e.message);
res.setHeader("Content-Type", "text/plain")
.status(500)
.send(e.message);
}
});
}

16
src/services/auth.js
View File

@ -88,17 +88,23 @@ function checkEtapiToken(req, res, next) {
function reject(req, res, message) {
log.info(`${req.method} ${req.path} rejected with 401 ${message}`);
res.status(401).send(message);
res.setHeader("Content-Type", "text/plain")
.status(401)
.send(message);
}
function checkCredentials(req, res, next) {
if (!sqlInit.isDbInitialized()) {
res.status(400).send('Database is not initialized yet.');
res.setHeader("Content-Type", "text/plain")
.status(400)
.send('Database is not initialized yet.');
return;
}
if (!passwordService.isPasswordSet()) {
res.status(400).send('Password has not been set yet. Please set a password and repeat the action');
res.setHeader("Content-Type", "text/plain")
.status(400)
.send('Password has not been set yet. Please set a password and repeat the action');
return;
}
@ -109,7 +115,9 @@ function checkCredentials(req, res, next) {
// username is ignored
if (!passwordEncryptionService.verifyPassword(password)) {
res.status(401).send('Incorrect password');
res.setHeader("Content-Type", "text/plain")
.status(401)
.send('Incorrect password');
}
else {
next();

30
src/share/routes.js
View File

@ -39,9 +39,9 @@ function register(router) {
addNoIndexHeader(note, res);
if (note.hasLabel('shareRaw') || ['image', 'file'].includes(note.type)) {
res.setHeader('Content-Type', note.mime);
res.setHeader('Content-Type', note.mime)
.send(note.getContent());
res.send(note.getContent());
return;
}
@ -83,7 +83,9 @@ function register(router) {
const note = shaca.getNote(noteId);
if (!note) {
return res.status(404).send(`Note '${noteId}' not found`);
return res.setHeader("Content-Type", "text/plain")
.status(404)
.send(`Note '${noteId}' not found`);
}
addNoIndexHeader(note, res);
@ -98,7 +100,9 @@ function register(router) {
const note = shaca.getNote(noteId);
if (!note) {
return res.status(404).send(`Note '${noteId}' not found`);
return res.setHeader("Content-Type", "text/plain")
.status(404)
.send(`Note '${noteId}' not found`);
}
addNoIndexHeader(note, res);
@ -122,13 +126,17 @@ function register(router) {
const image = shaca.getNote(req.params.noteId);
if (!image) {
return res.status(404).send(`Note '${req.params.noteId}' not found`);
return res.setHeader('Content-Type', 'text/plain')
.status(404)
.send(`Note '${req.params.noteId}' not found`);
}
else if (!["image", "canvas"].includes(image.type)) {
return res.status(400).send("Requested note is not a shareable image");
return res.setHeader('Content-Type', 'text/plain')
.status(400)
.send("Requested note is not a shareable image");
} else if (image.type === "canvas") {
/**
* special "image" type. the canvas is actually type application/json
* special "image" type. the canvas is actually type application/json
* to avoid bitrot and enable usage as referenced image the svg is included.
*/
const content = image.getContent();
@ -141,7 +149,9 @@ function register(router) {
res.set("Cache-Control", "no-cache, no-store, must-revalidate");
res.send(svg);
} catch(err) {
res.status(500).send("there was an error parsing excalidraw to svg");
res.setHeader('Content-Type', 'text/plain')
.status(500)
.send("there was an error parsing excalidraw to svg");
}
} else {
// normal image
@ -159,7 +169,9 @@ function register(router) {
const note = shaca.getNote(noteId);
if (!note) {
return res.status(404).send(`Note '${noteId}' not found`);
return res.setHeader('Content-Type', 'text/plain')
.status(404)
.send(`Note '${noteId}' not found`);
}
addNoIndexHeader(note, res);