Handle exceptions in examine_url. Custom error message for SSL issu…

…es. Fixes #2128
seek4science · Jan 30, 2025 · cf24c2b · cf24c2b
1 parent 265940c
commit cf24c2b
Show file tree

Hide file tree

Showing 2 changed files with 33 additions and 15 deletions.
diff --git a/lib/seek/upload_handling/examine_url.rb b/lib/seek/upload_handling/examine_url.rb
@@ -25,8 +25,17 @@ def examine_url
             @type = 'warning'
             @warning_msg = "Unhandled URL scheme: #{uri.scheme}. The given URL will be presented as a clickable link."
           end
+        rescue URI::InvalidURIError
+          @type = 'override'
+          @error_msg = 'The URL appears to be invalid.'
+        rescue OpenSSL::OpenSSLError
+          @type = 'error'
+          @error_msg = 'SSL connection to the URL failed - Please check the certificate is valid.'
         rescue StandardError => e
-          handle_exception_response(e)
+          raise e if Rails.application.config.consider_all_requests_local
+          exception_notification(500, e)
+          @type = 'error'
+          @error_msg = 'An unexpected error occurred whilst accessing the URL.'
         end
 
         respond_to do |format|
@@ -75,26 +84,14 @@ def handle_bad_http_response(code)
           @error_msg = "We can't find out information about this URL - Method not allowed response."
         when 404
           @type = 'override'
-          @error_msg = 'Nothing can be found at that URL. Please check the address and try again'
-        when 400
-          @type = 'override'
-          @error_msg = 'The URL appears to be invalid'
+          @error_msg = 'Nothing can be found at that URL. Please check the address and try again.'
         when 490
-          @error_msg = 'That URL is inaccessible. Please check the address and try again'
+          @error_msg = 'That URL is inaccessible. Please check the address and try again.'
         else
           @error_msg = "We can't find out information about this URL - unhandled response code: #{code}"
         end
       end
 
-      def handle_exception_response(exception)
-        case exception
-        when URI::InvalidURIError
-          handle_bad_http_response(400)
-        else
-          fail exception
-        end
-      end
-
       def is_myexperiment_url?(url)
         URI uri = URI(url)
         uri.hostname.include?('myexperiment.org') && uri.path.end_with?('.html')

diff --git a/test/functional/content_blobs_controller_test.rb b/test/functional/content_blobs_controller_test.rb
@@ -216,6 +216,27 @@ def setup
     assert assigns(:warning_msg)
   end
 
+  test 'examine url bad cert' do
+    stub_request(:head, 'https://iuseaselfsigned.cert').to_raise(OpenSSL::SSL::SSLError)
+    get :examine_url, xhr: true, params: { data_url: 'https://iuseaselfsigned.cert' }
+    assert_response 400
+    assert @response.body.include?('SSL connection to the URL failed')
+    assert_equal 'error', assigns(:type)
+    assert assigns(:error_msg)
+  end
+
+  test 'examine url unhandled exception' do
+    Rails.application.config.consider_all_requests_local = false
+    stub_request(:head, 'https://somethingeterrible').to_raise(NoMethodError)
+    get :examine_url, xhr: true, params: { data_url: 'https://somethingeterrible' }
+    assert_response 400
+    assert @response.body.include?('An unexpected error occurred')
+    assert_equal 'error', assigns(:type)
+    assert assigns(:error_msg)
+  ensure
+    Rails.application.config.consider_all_requests_local = true
+  end
+
   test 'examine url localhost' do
     begin
       # Need to allow the request through so that `private_address_check` can catch it.