Skip to content
This repository has been archived by the owner on Apr 26, 2024. It is now read-only.

Consider better error for username availability check invalid input #2397

Open
t3chguy opened this issue Jul 31, 2017 · 0 comments
Open

Consider better error for username availability check invalid input #2397

t3chguy opened this issue Jul 31, 2017 · 0 comments
Labels
A-Registration Creating an account A-Validation 500 (mostly) errors due to lack of event/parameter validation O-Occasional Affects or can be seen by some users regularly or most users rarely S-Tolerable Minor significance, cosmetic issues, low or no impact to users. T-Defect Bugs, crashes, hangs, security vulnerabilities, or other reported issues.

Comments

@t3chguy
Copy link
Member

t3chguy commented Jul 31, 2017
edited

Currently querying an invalid input, such as Wizard 饾枡3饾枅饾枍饾枌饾枤饾枮, results in:

2017-07-23 20:24:09,231 - synapse.access.http.8008 - 59 - INFO - GET-3471131- 90.255.116.117 - 8008 - Received request: GET /_matrix/client/r0/register/available?username=Wizard%20%F0%9D%96%993%F0%9D%96%88%F0%9D%96%8D%F0%9D%96%8C%F0%9D%96%9A%F0%9D%96%9E
2017-07-23 20:24:09,232 - synapse.http.server - 139 - ERROR - GET-3471131- Failed handle request synapse.http.server._async_render on <synapse.rest.ClientRestResource object at 0x7ff20d7db8d0>: <XForwardedForRequest at 0x7ff1a294b3b0 method=GET uri=/_matrix/client/r0/register/available?u
sername=Wizard%20%F0%9D%96%993%F0%9D%96%88%F0%9D%96%8D%F0%9D%96%8C%F0%9D%96%9A%F0%9D%96%9E clientproto=HTTP/1.0 site=8008>
Traceback (most recent call last):
  File "/usr/lib/python2.7/dist-packages/synapse/http/server.py", line 116, in wrapped_request_handler
    yield request_handler(self, request, request_metrics)
  File "/usr/lib/python2.7/dist-packages/twisted/internet/defer.py", line 1126, in _inlineCallbacks
    result = result.throwExceptionIntoGenerator(g)
  File "/usr/lib/python2.7/dist-packages/twisted/python/failure.py", line 389, in throwExceptionIntoGenerator
    return g.throw(self.type, self.value, self.tb)
  File "/usr/lib/python2.7/dist-packages/synapse/http/server.py", line 255, in _async_render
    callback_return = yield callback(request, **kwargs)
  File "/usr/lib/python2.7/dist-packages/twisted/internet/defer.py", line 1126, in _inlineCallbacks
    result = result.throwExceptionIntoGenerator(g)
  File "/usr/lib/python2.7/dist-packages/twisted/python/failure.py", line 389, in throwExceptionIntoGenerator
    return g.throw(self.type, self.value, self.tb)
  File "/usr/lib/python2.7/dist-packages/synapse/rest/client/v2_alpha/register.py", line 152, in on_GET
    yield self.registration_handler.check_username(username)
  File "/usr/lib/python2.7/dist-packages/twisted/internet/defer.py", line 1128, in _inlineCallbacks
    result = g.send(result)
  File "/usr/lib/python2.7/dist-packages/synapse/handlers/register.py", line 50, in check_username
    if urllib.quote(localpart.encode('utf-8')) != localpart:
UnicodeDecodeError: 'ascii' codec can't decode byte 0xf0 in position 7: ordinal not in range(128)

element-hq/element-web/issues/4660 works around this, but for other clients could be handy to make the error more useful than a generic 500 ISE
@reivilibre reivilibre added A-Validation 500 (mostly) errors due to lack of event/parameter validation S-Tolerable Minor significance, cosmetic issues, low or no impact to users. T-Defect Bugs, crashes, hangs, security vulnerabilities, or other reported issues. A-Registration Creating an account O-Occasional Affects or can be seen by some users regularly or most users rarely labels May 23, 2023
@matrixbot matrixbot mentioned this issue Dec 21, 2023
Open
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
A-Registration Creating an account A-Validation 500 (mostly) errors due to lack of event/parameter validation O-Occasional Affects or can be seen by some users regularly or most users rarely S-Tolerable Minor significance, cosmetic issues, low or no impact to users. T-Defect Bugs, crashes, hangs, security vulnerabilities, or other reported issues.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@t3chguy @reivilibre