From 82d4432b977e0960746bba1c6f03077fb6322263 Mon Sep 17 00:00:00 2001 From: NavaL Date: Mon, 22 Feb 2016 15:11:10 +0100 Subject: Removes stacktrace errors from appearing on the login page. Instead shows a generic: "invalid xml format" message Issue #214 --- service/pixelated/resources/login_resource.py | 9 +++++++++ service/test/unit/resources/test_login_resource.py | 23 ++++++++++++++++++++++ 2 files changed, 32 insertions(+) (limited to 'service') diff --git a/service/pixelated/resources/login_resource.py b/service/pixelated/resources/login_resource.py index 6f25fbcb..5f20a3c2 100644 --- a/service/pixelated/resources/login_resource.py +++ b/service/pixelated/resources/login_resource.py @@ -16,10 +16,12 @@ import logging import os +from xml.sax import SAXParseException from twisted.cred import credentials from twisted.internet import defer from twisted.web import util +from twisted.web.error import FlattenerError from twisted.web.http import UNAUTHORIZED, OK from twisted.web.resource import IResource, NoResource from twisted.web.server import NOT_DONE_YET @@ -55,6 +57,7 @@ class DisclaimerElement(Element): def __init__(self, banner): super(DisclaimerElement, self).__init__() self._set_loader(banner) + self._banner_filename = banner or "_login_disclaimer_banner.html" def _set_loader(self, banner): if banner: @@ -62,6 +65,12 @@ class DisclaimerElement(Element): banner_file_path = os.path.join(current_path, "..", "..", "..", banner) self.loader = XMLFile(FilePath(banner_file_path)) + def render(self, request): + try: + return super(DisclaimerElement, self).render(request) + except SAXParseException: + return ["Invalid XML template format for %s." % self._banner_filename] + class LoginWebSite(Element): loader = XMLFile(FilePath(os.path.join(_get_startup_folder(), 'login.html'))) diff --git a/service/test/unit/resources/test_login_resource.py b/service/test/unit/resources/test_login_resource.py index 3cd9d3b2..d8194156 100644 --- a/service/test/unit/resources/test_login_resource.py +++ b/service/test/unit/resources/test_login_resource.py @@ -99,6 +99,29 @@ class TestLoginResource(unittest.TestCase): d.addCallback(tear_down) return d + def test_non_xml_compliant_banner_will_send_default_invalid_format_banner(self): + request = DummyRequest(['']) + + banner_file_name = 'banner.txt' + xml_invalid_banner = '

some unclosed paragraph' + self._write(banner_file_name, xml_invalid_banner) + + self.resource._disclaimer_banner = 'service/_trial_temp/' + banner_file_name + + d = self.web.get(request) + + def assert_default_invalid_banner_disclaimer_rendered(_): + self.assertEqual(200, request.responseCode) + written_response = ''.join(request.written) + self.assertIn("Invalid XML template format for service/_trial_temp/banner.txt.", written_response) + + def tear_down(_): + os.remove(banner_file_name) + + d.addCallback(assert_default_invalid_banner_disclaimer_rendered) + d.addCallback(tear_down) + return d + class TestLoginPOST(unittest.TestCase): def setUp(self): -- cgit v1.2.3