diff options
| author | NavaL <ayoyo@thoughtworks.com> | 2016-02-22 15:11:10 +0100 |
|---|---|---|
| committer | NavaL <ayoyo@thoughtworks.com> | 2016-02-22 15:11:10 +0100 |
| commit | 82d4432b977e0960746bba1c6f03077fb6322263 (patch) | |
| tree | a1a6e3d866c12f8485799b4a896e3ae7048139ce /service | |
| parent | 6239fa6a410bbb96d2121eea4f3559edca4fea66 (diff) | |
Removes stacktrace errors from appearing on the login page.
Instead shows a generic: "invalid xml format" message
Issue #214
Diffstat (limited to 'service')
| -rw-r--r-- | service/pixelated/resources/login_resource.py | 9 | ||||
| -rw-r--r-- | service/test/unit/resources/test_login_resource.py | 23 |
2 files changed, 32 insertions, 0 deletions
diff --git a/service/pixelated/resources/login_resource.py b/service/pixelated/resources/login_resource.py index 6f25fbcb..5f20a3c2 100644 --- a/service/pixelated/resources/login_resource.py +++ b/service/pixelated/resources/login_resource.py @@ -16,10 +16,12 @@ import logging import os +from xml.sax import SAXParseException from twisted.cred import credentials from twisted.internet import defer from twisted.web import util +from twisted.web.error import FlattenerError from twisted.web.http import UNAUTHORIZED, OK from twisted.web.resource import IResource, NoResource from twisted.web.server import NOT_DONE_YET @@ -55,6 +57,7 @@ class DisclaimerElement(Element): def __init__(self, banner): super(DisclaimerElement, self).__init__() self._set_loader(banner) + self._banner_filename = banner or "_login_disclaimer_banner.html" def _set_loader(self, banner): if banner: @@ -62,6 +65,12 @@ class DisclaimerElement(Element): banner_file_path = os.path.join(current_path, "..", "..", "..", banner) self.loader = XMLFile(FilePath(banner_file_path)) + def render(self, request): + try: + return super(DisclaimerElement, self).render(request) + except SAXParseException: + return ["Invalid XML template format for %s." % self._banner_filename] + class LoginWebSite(Element): loader = XMLFile(FilePath(os.path.join(_get_startup_folder(), 'login.html'))) diff --git a/service/test/unit/resources/test_login_resource.py b/service/test/unit/resources/test_login_resource.py index 3cd9d3b2..d8194156 100644 --- a/service/test/unit/resources/test_login_resource.py +++ b/service/test/unit/resources/test_login_resource.py @@ -99,6 +99,29 @@ class TestLoginResource(unittest.TestCase): d.addCallback(tear_down) return d + def test_non_xml_compliant_banner_will_send_default_invalid_format_banner(self): + request = DummyRequest(['']) + + banner_file_name = 'banner.txt' + xml_invalid_banner = '<p>some unclosed paragraph' + self._write(banner_file_name, xml_invalid_banner) + + self.resource._disclaimer_banner = 'service/_trial_temp/' + banner_file_name + + d = self.web.get(request) + + def assert_default_invalid_banner_disclaimer_rendered(_): + self.assertEqual(200, request.responseCode) + written_response = ''.join(request.written) + self.assertIn("Invalid XML template format for service/_trial_temp/banner.txt.", written_response) + + def tear_down(_): + os.remove(banner_file_name) + + d.addCallback(assert_default_invalid_banner_disclaimer_rendered) + d.addCallback(tear_down) + return d + class TestLoginPOST(unittest.TestCase): def setUp(self): |