Fix internal server error on invalid header in curl command

app/server/appsmith-server/src/main/java/com/appsmith/server/exceptions/AppsmithError.java

@@ -81,9 +81,10 @@ public enum AppsmithError {
     FAIL_UPDATE_USER_IN_SESSION(500, 5008, "Unable to update user in session.", AppsmithErrorAction.LOG_EXTERNALLY, null),
     APPLICATION_FORKING_NOT_ALLOWED(403, 4034, "Forking this application is not permitted at this time.", AppsmithErrorAction.DEFAULT, null),
     GOOGLE_RECAPTCHA_TIMEOUT(504, 5042, "Google recaptcha verification timeout. Please try again.", AppsmithErrorAction.DEFAULT, null),
-    GOOGLE_RECAPTCHA_FAILED(401, 4034, "Google recaptcha verification failed. Please try again.", AppsmithErrorAction.DEFAULT, null),
+    GOOGLE_RECAPTCHA_FAILED(401, 4035, "Google recaptcha verification failed. Please try again.", AppsmithErrorAction.DEFAULT, null),
     UNKNOWN_ACTION_RESULT_DATA_TYPE(500, 5009, "Appsmith has encountered an unknown action result data type: {0}. " +
             "Please contact Appsmith customer support to resolve this.", AppsmithErrorAction.LOG_EXTERNALLY, null),
+    INVALID_CURL_HEADER(400, 4036, "Invalid header in cURL command: {0}.", AppsmithErrorAction.DEFAULT, null),
     ;
 
 

app/server/appsmith-server/src/main/java/com/appsmith/server/services/CurlImporterService.java

@@ -290,6 +290,9 @@ public ActionDTO parse(List<String> tokens) throws AppsmithException {
             } else if (ARG_HEADER.equals(state)) {
                 // The `token` is next to `--header`.
                 final String[] parts = token.split(":\\s*", 2);
+                if (parts.length != 2) {
+                    throw new AppsmithException(AppsmithError.INVALID_CURL_HEADER, token);
+                }
                 if ("content-type".equalsIgnoreCase(parts[0])) {
                     contentType = parts[1];
                 }

app/server/appsmith-server/src/test/java/com/appsmith/server/services/CurlImporterServiceTest.java

@@ -8,6 +8,7 @@
 import com.appsmith.server.domains.User;
 import com.appsmith.server.dtos.ActionDTO;
 import com.appsmith.server.dtos.PageDTO;
+import com.appsmith.server.exceptions.AppsmithError;
 import com.appsmith.server.exceptions.AppsmithException;
 import lombok.extern.slf4j.Slf4j;
 import org.junit.Before;
@@ -28,6 +29,7 @@
 import java.util.List;
 
 import static org.assertj.core.api.Assertions.assertThat;
+import static org.assertj.core.api.Assertions.assertThatThrownBy;
 
 @RunWith(SpringRunner.class)
 @SpringBootTest
@@ -652,6 +654,24 @@ public void dontEatBackslashesInSingleQuotes() throws AppsmithException {
         );
     }
 
+    @Test
+    public void importInvalidMethod() {
+        assertThatThrownBy(() -> {
+            curlImporterService.curlToAction("curl -X invalid-method http://httpbin.org/get");
+        })
+                .isInstanceOf(AppsmithException.class)
+                .matches(err -> ((AppsmithException) err).getError() == AppsmithError.INVALID_CURL_METHOD);
+    }
+
+    @Test
+    public void importInvalidHeader() {
+        assertThatThrownBy(() -> {
+            curlImporterService.curlToAction("curl -H x-custom http://httpbin.org/headers");
+        })
+                .isInstanceOf(AppsmithException.class)
+                .matches(err -> ((AppsmithException) err).getError() == AppsmithError.INVALID_CURL_HEADER);
+    }
+
     @Test
     @WithUserDetails(value = "api_user")
     public void importInvalidCurlCommand() {