From 11bedf1c3bc65d70b5601ccfca7cdc3a57a46aa6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julius=20H=C3=A4rtl?= Date: Fri, 14 Oct 2022 07:42:25 +0200 Subject: [PATCH] Use proper error pages instead of always redirecting MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Julius Härtl --- core/Controller/ErrorController.php | 62 +++++++++++++++++++++ core/routes.php | 3 + core/templates/404.php | 4 +- lib/base.php | 32 ++++++++--- lib/composer/composer/autoload_classmap.php | 1 + lib/composer/composer/autoload_static.php | 1 + lib/private/Setup.php | 4 +- 7 files changed, 94 insertions(+), 13 deletions(-) create mode 100644 core/Controller/ErrorController.php diff --git a/core/Controller/ErrorController.php b/core/Controller/ErrorController.php new file mode 100644 index 0000000000000..550b320a98940 --- /dev/null +++ b/core/Controller/ErrorController.php @@ -0,0 +1,62 @@ + + * + * @author Julius Härtl + * + * @license GNU AGPL version 3 or any later version + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see . + * + */ + +namespace OC\Core\Controller; + +use OCP\AppFramework\Http; +use OCP\AppFramework\Http\TemplateResponse; + +class ErrorController extends \OCP\AppFramework\Controller { + /** + * @PublicPage + * @NoCSRFRequired + */ + public function error403(): TemplateResponse { + $response = new TemplateResponse( + 'core', + '403', + [], + 'error' + ); + $response->setStatus(Http::STATUS_FORBIDDEN); + return $response; + } + + /** + * @PublicPage + * @NoCSRFRequired + */ + public function error404(): TemplateResponse { + $response = new TemplateResponse( + 'core', + '404', + [], + 'error' + ); + $response->setStatus(Http::STATUS_NOT_FOUND); + return $response; + } +} diff --git a/core/routes.php b/core/routes.php index 02e27c9cfaf04..a3fdfafd7bf08 100644 --- a/core/routes.php +++ b/core/routes.php @@ -97,6 +97,9 @@ ['name' => 'WebAuthn#startAuthentication', 'url' => 'login/webauthn/start', 'verb' => 'POST'], ['name' => 'WebAuthn#finishAuthentication', 'url' => 'login/webauthn/finish', 'verb' => 'POST'], + ['name' => 'Error#error404', 'url' => 'error/404'], + ['name' => 'Error#error403', 'url' => 'error/403'], + // Well known requests https://tools.ietf.org/html/rfc5785 ['name' => 'WellKnown#handle', 'url' => '.well-known/{service}'], diff --git a/core/templates/404.php b/core/templates/404.php index 64595c9a092a3..fcfc7cc1ef8bb 100644 --- a/core/templates/404.php +++ b/core/templates/404.php @@ -17,8 +17,8 @@