-
-
Notifications
You must be signed in to change notification settings - Fork 1.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
vaultwarden ignores 404.html page #2767
Comments
I also tried to add |
I think you also need to enable |
Yep, you are correct, @stefan0xC However, I would have hoped that the web service would redirect it. I haven't had the chance to look into the architecture between the binary and the web UI in more detail. |
That option will break the functionality of the API, since it does return error messages when sending 4xx or 5xx. So that's not the right option. |
You are right. Sorry, I have not checked for side effects. My pull request should fix the issue without breaking the API but I have not tested it beyond creating a send and deleting it. Is there a way to automatically test the API for regressions? |
@stefan0xC currently there isn't. Other then clicking through the interface and using other clients there isn't any way for testing. I was thinking about some options, but wasn't able to start on anything yet |
Okay, I've added another 404 catcher for Rockets default handler is created by this macro https://github.com/SergioBenitez/Rocket/blob/6778089c129ee15dfd524413f067c9c572226159/core/lib/src/catcher/catcher.rs#L331 |
Hmm, in this case something is wrong. The API should not return http error codes. The API itself should return 200 with a status code in the response. At least this is how API development usually works. e.g. so how does my Apache (reverse proxy) return a proper error message when the vaultwarden service is not running? That is for status code 503? The service can't return anything when it is not running. You can also specify specific error codes:
Update: This is the config that seems to work for me. Please note that without the virtual host apache config
|
@tessus I'm not sure why you think that is bad. 4xx errors are errors which can be returned by any web application. Normally a 5xx error is returned by a proxy server if it can't reach the endpoint, or the actual application when it has an internal server error, so that is all fine. Only returning 200 and provide an error message is not really a standard way, those error codes are there for a reason. |
I think you misunderstood. I am talking about the API. Let's say an API endpoint returns a list of items as the response. The search term was specified in the request payload. If the search term does not yield any results, the API must never, ever return the status code 404. The API must return status code 200 (because the API call succeeded), with the reponse that nothing was found and a status code (where you can e.g. also use 404). |
I'm not talking about 404 specific, there is also 401 for example. Also, a developer can decide to return a 404 for a non existing resources with a json body containing the error message, thats all up to the developer. And I'm not saying either is good or bad. |
Subject of the issue
When I enter a non existing path
https://vaultwarden.server.com/blabla
, the following is logged:and I see the following:
instead of the 404.html page:
Deployment environment
Your environment (Generated via diagnostics page)
Config (Generated via diagnostics page)
Show Running Config
Environment settings which are overridden:
Steps to reproduce
https://vaultwarden.server.com/blabla
Expected behaviour
Actual behaviour
Troubleshooting data
My httpd proxy config:
I use
ROCKET_PORT=8888
instead of the default port.The text was updated successfully, but these errors were encountered: