From cf24c2b22e23b2e108270fb5e11b8f84b523dd15 Mon Sep 17 00:00:00 2001 From: Finn Bacall Date: Thu, 30 Jan 2025 12:39:05 +0000 Subject: [PATCH 1/2] Handle exceptions in `examine_url`. Custom error message for SSL issues. Fixes #2128 --- lib/seek/upload_handling/examine_url.rb | 27 +++++++++---------- .../content_blobs_controller_test.rb | 21 +++++++++++++++ 2 files changed, 33 insertions(+), 15 deletions(-) diff --git a/lib/seek/upload_handling/examine_url.rb b/lib/seek/upload_handling/examine_url.rb index d813f389f9..efe87a07bd 100644 --- a/lib/seek/upload_handling/examine_url.rb +++ b/lib/seek/upload_handling/examine_url.rb @@ -25,8 +25,17 @@ def examine_url @type = 'warning' @warning_msg = "Unhandled URL scheme: #{uri.scheme}. The given URL will be presented as a clickable link." end + rescue URI::InvalidURIError + @type = 'override' + @error_msg = 'The URL appears to be invalid.' + rescue OpenSSL::OpenSSLError + @type = 'error' + @error_msg = 'SSL connection to the URL failed - Please check the certificate is valid.' rescue StandardError => e - handle_exception_response(e) + raise e if Rails.application.config.consider_all_requests_local + exception_notification(500, e) + @type = 'error' + @error_msg = 'An unexpected error occurred whilst accessing the URL.' end respond_to do |format| 
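Review bot: The new `rescue OpenSSL::OpenSSLError` branch in `examine_url` (lib/seek/upload_handling/examine_url.rb) catches the whole OpenSSL error hierarchy and records nothing, yet the message tells the user that the remote certificate is at fault. A handshake can also fail for reasons on the server's own side (a stale CA bundle, for example; this is inferred, not shown in the hunk), and without a log line an operator cannot tell the two cases apart. Consider narrowing to the class the new test raises and logging it: `rescue OpenSSL::SSL::SSLError => e` followed by `Rails.logger.warn("examine_url: TLS failure (#{e.class})")`. Other OpenSSL errors would then fall through to the generic branch, which already sends a notification. The method body starts and ends outside the hunk.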
@@ -75,26 +84,14 @@ def handle_bad_http_response(code) @error_msg = "We can't find out information about this URL - Method not allowed response." when 404 @type = 'override' - @error_msg = 'Nothing can be found at that URL. Please check the address and try again' - when 400 - @type = 'override' - @error_msg = 'The URL appears to be invalid' + @error_msg = 'Nothing can be found at that URL. Please check the address and try again.' when 490 - @error_msg = 'That URL is inaccessible. Please check the address and try again' + @error_msg = 'That URL is inaccessible. Please check the address and try again.' else @error_msg = "We can't find out information about this URL - unhandled response code: #{code}" end end - def handle_exception_response(exception) - case exception - when URI::InvalidURIError - handle_bad_http_response(400) - else - fail exception - end - end - def is_myexperiment_url?(url) URI uri = URI(url) uri.hostname.include?('myexperiment.org') && uri.path.end_with?('.html') diff --git a/test/functional/content_blobs_controller_test.rb b/test/functional/content_blobs_controller_test.rb index de138806c5..d0e67fc9bd 100644 --- a/test/functional/content_blobs_controller_test.rb +++ b/test/functional/content_blobs_controller_test.rb 
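Review bot: In the context lines at the end of this hunk, `is_myexperiment_url?` checks the host with `uri.hostname.include?('myexperiment.org')`, a substring match that also accepts any hostname that merely contains that text. The commit does not touch this line, and what the predicate gates is outside the hunk, but the URL here is user-supplied (`data_url` in the tests), so an exact or suffix comparison is the safer form: `host = uri.hostname.to_s` then `host == 'myexperiment.org' || host.end_with?('.myexperiment.org')`. The `to_s` also covers a URL with no host, where `hostname` is nil and the current call would raise `NoMethodError`. The method continues past the end of the hunk.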
@@ -216,6 +216,27 @@ def setup assert assigns(:warning_msg) end + test 'examine url bad cert' do + stub_request(:head, 'https://iuseaselfsigned.cert').to_raise(OpenSSL::SSL::SSLError) + get :examine_url, xhr: true, params: { data_url: 'https://iuseaselfsigned.cert' } + assert_response 400 + assert @response.body.include?('SSL connection to the URL failed') + assert_equal 'error', assigns(:type) + assert assigns(:error_msg) + end + + test 'examine url unhandled exception' do + Rails.application.config.consider_all_requests_local = false + stub_request(:head, 'https://somethingeterrible').to_raise(NoMethodError) + get :examine_url, xhr: true, params: { data_url: 'https://somethingeterrible' } + assert_response 400 + assert @response.body.include?('An unexpected error occurred') + assert_equal 'error', assigns(:type) + assert assigns(:error_msg) + ensure + Rails.application.config.consider_all_requests_local = true + end + test 'examine url localhost' do begin # Need to allow the request through so that `private_address_check` can catch it. From 6f82575d959277397b12d09d3dc99a7f2ad9645f Mon Sep 17 00:00:00 2001 From: Finn Bacall Date: Thu, 30 Jan 2025 15:48:24 +0000 Subject: [PATCH 2/2] Bump RO-Crate lib to handle RO-Crates with singleton `hasPart` --- Gemfile | 2 +- Gemfile.lock | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/Gemfile b/Gemfile index 1077041082..4e714bb734 100644 --- a/Gemfile +++ b/Gemfile @@ -134,7 +134,7 @@ gem 'request_store' gem 'bundler', '>= 1.8.4' -gem 'ro-crate', '~> 0.5.2' +gem 'ro-crate', '~> 0.5.3' gem 'rugged' gem 'i18n-js' diff --git a/Gemfile.lock b/Gemfile.lock index d9f1c72416..51eb6a85fc 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -737,7 +737,7 @@ GEM json (~> 2.3.0) ucf (~> 2.0.2) uuid (~> 2.3) - ro-crate (0.5.2) + ro-crate (0.5.3) addressable (>= 2.7, < 2.9) rubyzip (~> 2.0.0) rsolr (2.5.0) 
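Review bot: The 'examine url unhandled exception' test in content_blobs_controller_test.rb changes the global `Rails.application.config.consider_all_requests_local`, and its `ensure` restores a hard-coded `true` rather than the value it found. If the suite ever runs with that setting false, later tests silently see a different configuration. Save and restore instead: `original = Rails.application.config.consider_all_requests_local` at the top and `Rails.application.config.consider_all_requests_local = original` in the `ensure`. The test also never checks that `exception_notification` was called, which is the only operator-visible trace of the swallowed error, so an expectation on it would pin that behaviour.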
@@ -1069,7 +1069,7 @@ DEPENDENCIES rfc-822 rmagick (= 5.3.0) ro-bundle (~> 0.3.0) - ro-crate (~> 0.5.2) + ro-crate (~> 0.5.3) rspec-rails (~> 5.1) rubocop ruby-prof