when a user urls hacks we can get InvalidBatchSize oopses
Bug #730393 reported by
Robert Collins
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Launchpad itself |
Fix Released
|
Critical
|
Unassigned |
Bug Description
While InvalidBatchSize oopses are valuable if our form machinery ever gets out of sync with backend limits, a user hacking urls shouldn't trigger an oops.
1 InvalidBatchSiz
GET: 1 Robots: 0 Local: 0
1 https:/
OOPS-1891L2140
What we should do is look at the referer: if its not from lp (or affiliated sites per our 404 heuristics) just give them an error (e,g, 'invalid batch size') and not log an oops.
Related branches
lp:~sinzui/launchpad/suppress-url-hacker-oops
- j.c.sackett (community): Approve
-
Diff: 407 lines (+135/-34)4 files modifiedlib/canonical/launchpad/webapp/errorlog.py (+21/-4)
lib/canonical/launchpad/webapp/tests/test_errorlog.py (+90/-7)
lib/canonical/launchpad/webapp/tests/test_publication.py (+8/-10)
lib/lp/soyuz/stories/ppa/xx-ppa-files.txt (+16/-13)
tags: | added: trivial |
Changed in launchpad: | |
assignee: | nobody → Curtis Hovey (sinzui) |
milestone: | none → 11.06 |
milestone: | 11.06 → none |
status: | Triaged → In Progress |
tags: |
added: qa-ok removed: qa-needstesting |
Changed in launchpad: | |
status: | Fix Committed → Fix Released |
Changed in launchpad: | |
assignee: | Curtis Hovey (sinzui) → nobody |
To post a comment you must log in.
Or perhaps just clamp the batch size and ignore the invalidity.