Fix stacktrace in response for invalid url (#1605)

This fixes responses with complete stack traces for requests with invalid urls, for example such containing backslash ('') in the query parameter part (eg. q=search). In this case the response contains an error object due to this error, and requesting the uri info would trigger the same error a second time, only that now the exception mapper would not catch the error again. So we check whether we have an error object before trying to create an enricher context.
2026-01-22 23:42:11 +01:00 · 2021-03-25 11:53:30 +01:00
parent 22a0362892
commit 96d2e2cc1b
2 changed files with 13 additions and 1 deletions
--- a/gradle/changelog/url_exception.yaml
+++ b/gradle/changelog/url_exception.yaml
@@ -0,0 +1,2 @@
+- type: fixed
+  description: Response with exception stack trace for invalid urls ([#1605](https://github.com/scm-manager/scm-manager/pull/1605))
--- a/scm-webapp/src/main/java/sonia/scm/api/v2/JsonMarshallingResponseFilter.java
+++ b/scm-webapp/src/main/java/sonia/scm/api/v2/JsonMarshallingResponseFilter.java
@@ -21,7 +21,7 @@
 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
 * SOFTWARE.
 */
-    
+
 package sonia.scm.api.v2;

 import com.fasterxml.jackson.databind.JsonNode;
@@ -35,6 +35,7 @@ import javax.inject.Inject;
 import javax.ws.rs.container.ContainerRequestContext;
 import javax.ws.rs.container.ContainerResponseContext;
 import javax.ws.rs.container.ContainerResponseFilter;
+import javax.ws.rs.core.MediaType;
 import javax.ws.rs.ext.Provider;
 import java.util.Set;

@@ -46,6 +47,8 @@ import java.util.Set;
@Priority(ResponseFilterPriorities.JSON_MARSHALLING)
 public class JsonMarshallingResponseFilter implements ContainerResponseFilter {

+  private static final MediaType ERROR_MEDIA_TYPE = MediaType.valueOf(VndMediaType.ERROR_TYPE);
+
  private final ObjectMapper objectMapper;
  private final Set<JsonEnricher> enrichers;

@@ -57,6 +60,9 @@ public class JsonMarshallingResponseFilter implements ContainerResponseFilter {

  @Override
  public void filter(ContainerRequestContext requestContext, ContainerResponseContext responseContext) {
+    if (isError(responseContext)) {
+      return;
+    }
    if (hasVndEntity(responseContext)) {
      JsonNode node = getJsonEntity(responseContext);
      callEnrichers(requestContext, responseContext, node);
@@ -64,6 +70,10 @@ public class JsonMarshallingResponseFilter implements ContainerResponseFilter {
    }
  }

+  private boolean isError(ContainerResponseContext responseContext) {
+    return ERROR_MEDIA_TYPE.equals(responseContext.getMediaType());
+  }
+
  private void callEnrichers(ContainerRequestContext requestContext, ContainerResponseContext responseContext, JsonNode node) {
    JsonEnricherContext context = new JsonEnricherContext(
      requestContext.getUriInfo().getRequestUri(),