From 5775e207e22ed19d7de02403004f5a234cf67565 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Nicol=C3=A1s=20Tamargo?= Date: Tue, 23 Apr 2019 13:32:34 +0300 Subject: [PATCH 1/4] MBS-10133: Clarify "empty query" bad request error --- lib/MusicBrainz/Server/Data/WebService.pm | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/MusicBrainz/Server/Data/WebService.pm b/lib/MusicBrainz/Server/Data/WebService.pm index cf180654a97..dbcbbf74539 100644 --- a/lib/MusicBrainz/Server/Data/WebService.pm +++ b/lib/MusicBrainz/Server/Data/WebService.pm @@ -205,7 +205,7 @@ sub xml_search if ($query =~ /^\s*$/) { return { - error => "Must specify a least one parameter (other than 'limit', 'offset' or empty 'query') for collections query.", + error => "You submitted a blank search query. You must include a non-blank 'query=' parameter with your search.", code => HTTP_BAD_REQUEST }; } From 659f10f6bb5020b0e2b6d1f5efa142a786bb2f97 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Nicol=C3=A1s=20Tamargo?= Date: Tue, 23 Apr 2019 13:59:48 +0300 Subject: [PATCH 2/4] Understand that "" is also a blank query This still allows a query like \" through, in case the user does want to query for entities with quote marks in their name. --- lib/MusicBrainz/Server/Data/WebService.pm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/MusicBrainz/Server/Data/WebService.pm b/lib/MusicBrainz/Server/Data/WebService.pm index dbcbbf74539..d11ceaae86f 100644 --- a/lib/MusicBrainz/Server/Data/WebService.pm +++ b/lib/MusicBrainz/Server/Data/WebService.pm @@ -201,8 +201,8 @@ sub xml_search } $query =~ s/^ AND //; - # In case we have a blank query - if ($query =~ /^\s*$/) + # In case we have a blank query (only whitespace, or whitespace surrounded by unescaped quotes) + if ($query =~ /^(?:\s*|"\s*")$/) { return { error => "You submitted a blank search query. You must include a non-blank 'query=' parameter with your search.", From bc8a48f4187826a258a10a2d6759d539366d1554 Mon Sep 17 00:00:00 2001 From: yvanzo Date: Tue, 4 Jun 2019 10:19:23 +0200 Subject: [PATCH 3/4] Update web service documentation link to https --- lib/MusicBrainz/Server/Test/WS.pm | 8 ++++---- lib/MusicBrainz/Server/WebService/XMLSerializer.pm | 2 +- t/lib/t/MusicBrainz/Server/Controller/WS/2/Collection.pm | 2 +- .../t/MusicBrainz/Server/Controller/WS/2/LookupArtist.pm | 2 +- .../t/MusicBrainz/Server/Controller/WS/2/LookupDiscID.pm | 2 +- t/lib/t/MusicBrainz/Server/Controller/WS/2/LookupEvent.pm | 2 +- .../Server/Controller/WS/2/LookupInstrument.pm | 2 +- .../t/MusicBrainz/Server/Controller/WS/2/LookupSeries.pm | 2 +- .../Server/Controller/WS/2/SubmitCollection.pm | 2 +- t/lib/t/MusicBrainz/Server/WebService/Format.pm | 2 +- 10 files changed, 13 insertions(+), 13 deletions(-) diff --git a/lib/MusicBrainz/Server/Test/WS.pm b/lib/MusicBrainz/Server/Test/WS.pm index b62b82d8a7f..aa32643d94a 100644 --- a/lib/MusicBrainz/Server/Test/WS.pm +++ b/lib/MusicBrainz/Server/Test/WS.pm @@ -31,7 +31,7 @@ Readonly our $FORBIDDEN_XML_RESPONSE => <<'EOXML'; You are not authorized to access this resource. - For usage, please see: http://musicbrainz.org/development/mmd + For usage, please see: https://musicbrainz.org/development/mmd EOXML @@ -39,7 +39,7 @@ Readonly our $UNAUTHORIZED_XML_RESPONSE => <<'EOXML'; Your credentials could not be verified. Either you supplied the wrong credentials (e.g., bad password), or your client doesn't understand how to supply the credentials required. - For usage, please see: http://musicbrainz.org/development/mmd + For usage, please see: https://musicbrainz.org/development/mmd EOXML @@ -47,7 +47,7 @@ Readonly our $NOT_FOUND_XML_RESPONSE => <<'EOXML'; Not Found - For usage, please see: http://musicbrainz.org/development/mmd + For usage, please see: https://musicbrainz.org/development/mmd EOXML @@ -55,7 +55,7 @@ Readonly our $INVALID_MBID_XML_RESPONSE => <<'EOXML'; Invalid mbid. - For usage, please see: http://musicbrainz.org/development/mmd + For usage, please see: https://musicbrainz.org/development/mmd EOXML diff --git a/lib/MusicBrainz/Server/WebService/XMLSerializer.pm b/lib/MusicBrainz/Server/WebService/XMLSerializer.pm index f930eaa0a6a..2c13713fe43 100644 --- a/lib/MusicBrainz/Server/WebService/XMLSerializer.pm +++ b/lib/MusicBrainz/Server/WebService/XMLSerializer.pm @@ -1326,7 +1326,7 @@ sub output_error return '' . $gen->error($gen->text($err), $gen->text( - "For usage, please see: http://musicbrainz.org/development/mmd")); + "For usage, please see: https://musicbrainz.org/development/mmd")); } sub output_success diff --git a/t/lib/t/MusicBrainz/Server/Controller/WS/2/Collection.pm b/t/lib/t/MusicBrainz/Server/Controller/WS/2/Collection.pm index 18b7f078bb3..707c9d06ed7 100644 --- a/t/lib/t/MusicBrainz/Server/Controller/WS/2/Collection.pm +++ b/t/lib/t/MusicBrainz/Server/Controller/WS/2/Collection.pm @@ -333,7 +333,7 @@ test "collection lookup errors" => sub { This is not a collection for entity type $entity_type. - For usage, please see: http://musicbrainz.org/development/mmd + For usage, please see: https://musicbrainz.org/development/mmd EOXML }; diff --git a/t/lib/t/MusicBrainz/Server/Controller/WS/2/LookupArtist.pm b/t/lib/t/MusicBrainz/Server/Controller/WS/2/LookupArtist.pm index 2e2b677c9d4..f37f9ec929a 100644 --- a/t/lib/t/MusicBrainz/Server/Controller/WS/2/LookupArtist.pm +++ b/t/lib/t/MusicBrainz/Server/Controller/WS/2/LookupArtist.pm @@ -430,7 +430,7 @@ is($mech->status, 400); is_xml_same($mech->content, q{ coffee is not a valid inc parameter for the artist resource. - For usage, please see: http://musicbrainz.org/development/mmd + For usage, please see: https://musicbrainz.org/development/mmd }); ws_test 'artist lookup with works (using l_artist_work)', diff --git a/t/lib/t/MusicBrainz/Server/Controller/WS/2/LookupDiscID.pm b/t/lib/t/MusicBrainz/Server/Controller/WS/2/LookupDiscID.pm index 303210b46e6..0e9d8efb25a 100644 --- a/t/lib/t/MusicBrainz/Server/Controller/WS/2/LookupDiscID.pm +++ b/t/lib/t/MusicBrainz/Server/Controller/WS/2/LookupDiscID.pm @@ -186,7 +186,7 @@ subtest 'lookup of invalid discid with no toc parameter' => sub { is_xml_same($mech->content, q{ Invalid discid. - For usage, please see: http://musicbrainz.org/development/mmd + For usage, please see: https://musicbrainz.org/development/mmd }); }; diff --git a/t/lib/t/MusicBrainz/Server/Controller/WS/2/LookupEvent.pm b/t/lib/t/MusicBrainz/Server/Controller/WS/2/LookupEvent.pm index d67b6517e39..004cd2c4d47 100644 --- a/t/lib/t/MusicBrainz/Server/Controller/WS/2/LookupEvent.pm +++ b/t/lib/t/MusicBrainz/Server/Controller/WS/2/LookupEvent.pm @@ -24,7 +24,7 @@ is($mech->status, 400); is_xml_same($mech->content, q{ coffee is not a valid inc parameter for the event resource. - For usage, please see: http://musicbrainz.org/development/mmd + For usage, please see: https://musicbrainz.org/development/mmd }); ws_test 'basic event lookup', diff --git a/t/lib/t/MusicBrainz/Server/Controller/WS/2/LookupInstrument.pm b/t/lib/t/MusicBrainz/Server/Controller/WS/2/LookupInstrument.pm index 427c745110b..be53c7924d6 100644 --- a/t/lib/t/MusicBrainz/Server/Controller/WS/2/LookupInstrument.pm +++ b/t/lib/t/MusicBrainz/Server/Controller/WS/2/LookupInstrument.pm @@ -29,7 +29,7 @@ is($mech->status, 400); is_xml_same($mech->content, q{ coffee is not a valid inc parameter for the instrument resource. - For usage, please see: http://musicbrainz.org/development/mmd + For usage, please see: https://musicbrainz.org/development/mmd }); ws_test 'basic instrument lookup', diff --git a/t/lib/t/MusicBrainz/Server/Controller/WS/2/LookupSeries.pm b/t/lib/t/MusicBrainz/Server/Controller/WS/2/LookupSeries.pm index c3243cd8cdd..504e3ddf0f6 100644 --- a/t/lib/t/MusicBrainz/Server/Controller/WS/2/LookupSeries.pm +++ b/t/lib/t/MusicBrainz/Server/Controller/WS/2/LookupSeries.pm @@ -25,7 +25,7 @@ is($mech->status, 400); is_xml_same($mech->content, q{ coffee is not a valid inc parameter for the series resource. - For usage, please see: http://musicbrainz.org/development/mmd + For usage, please see: https://musicbrainz.org/development/mmd }); ws_test 'basic series lookup', diff --git a/t/lib/t/MusicBrainz/Server/Controller/WS/2/SubmitCollection.pm b/t/lib/t/MusicBrainz/Server/Controller/WS/2/SubmitCollection.pm index 36d19810a58..c3f6697945c 100644 --- a/t/lib/t/MusicBrainz/Server/Controller/WS/2/SubmitCollection.pm +++ b/t/lib/t/MusicBrainz/Server/Controller/WS/2/SubmitCollection.pm @@ -156,7 +156,7 @@ EOXML PUT is not allowed on this endpoint. - For usage, please see: http://musicbrainz.org/development/mmd + For usage, please see: https://musicbrainz.org/development/mmd EOXML }; diff --git a/t/lib/t/MusicBrainz/Server/WebService/Format.pm b/t/lib/t/MusicBrainz/Server/WebService/Format.pm index 94dd006f0ab..dd261f7817d 100644 --- a/t/lib/t/MusicBrainz/Server/WebService/Format.pm +++ b/t/lib/t/MusicBrainz/Server/WebService/Format.pm @@ -108,7 +108,7 @@ test 'webservice request format handling (errors)' => sub { my $expected = ' Invalid format. Either set an Accept header (recognized mime types are application/json and application/xml), or include a fmt= argument in the query string (valid values for fmt are json and xml). - For usage, please see: http://musicbrainz.org/development/mmd + For usage, please see: https://musicbrainz.org/development/mmd '; $Test->note('Accept: application/something-else'); From 646a26bd38d1b92bfacfbae70fa4f57cdf2bf321 Mon Sep 17 00:00:00 2001 From: yvanzo Date: Tue, 4 Jun 2019 10:22:12 +0200 Subject: [PATCH 4/4] Output doc link with JSON WS error message JSON WS now outputs the same doc link as the XML WS error message. --- lib/MusicBrainz/Server/Test/WS.pm | 2 ++ lib/MusicBrainz/Server/WebService/JSONSerializer.pm | 5 ++++- .../Server/Controller/WS/2/JSON/BrowseReleases.pm | 5 ++++- .../Server/Controller/WS/2/JSON/LookupArtist.pm | 8 ++++++-- 4 files changed, 16 insertions(+), 4 deletions(-) diff --git a/lib/MusicBrainz/Server/Test/WS.pm b/lib/MusicBrainz/Server/Test/WS.pm index aa32643d94a..33c4278b53e 100644 --- a/lib/MusicBrainz/Server/Test/WS.pm +++ b/lib/MusicBrainz/Server/Test/WS.pm @@ -21,10 +21,12 @@ our @EXPORT_OK = qw( Readonly our $FORBIDDEN_JSON_RESPONSE => { error => 'You are not authorized to access this resource.', + help => 'For usage, please see: https://musicbrainz.org/development/mmd', }; Readonly our $UNAUTHORIZED_JSON_RESPONSE => { error => 'Your credentials could not be verified. Either you supplied the wrong credentials (e.g., bad password), or your client doesn\'t understand how to supply the credentials required.', + help => 'For usage, please see: https://musicbrainz.org/development/mmd', }; Readonly our $FORBIDDEN_XML_RESPONSE => <<'EOXML'; diff --git a/lib/MusicBrainz/Server/WebService/JSONSerializer.pm b/lib/MusicBrainz/Server/WebService/JSONSerializer.pm index 47a50700f79..cabeaecd014 100644 --- a/lib/MusicBrainz/Server/WebService/JSONSerializer.pm +++ b/lib/MusicBrainz/Server/WebService/JSONSerializer.pm @@ -129,7 +129,10 @@ sub autocomplete_editor { sub output_error { my ($self, $err) = @_; - return encode_json({ error => $err }); + return encode_json({ + error => $err, + help => 'For usage, please see: https://musicbrainz.org/development/mmd', + }); } sub output_success { diff --git a/t/lib/t/MusicBrainz/Server/Controller/WS/2/JSON/BrowseReleases.pm b/t/lib/t/MusicBrainz/Server/Controller/WS/2/JSON/BrowseReleases.pm index 8b0fcad4844..566db549f46 100644 --- a/t/lib/t/MusicBrainz/Server/Controller/WS/2/JSON/BrowseReleases.pm +++ b/t/lib/t/MusicBrainz/Server/Controller/WS/2/JSON/BrowseReleases.pm @@ -21,7 +21,10 @@ test 'errors' => sub { $mech->get('/ws/2/release?recording=7b1f6e95-b523-43b6-a048-810ea5d463a8'); is($mech->status, 404, 'browse releases via non-existent recording'); - is_json($mech->content, encode_json({ error => "Not Found" })); + is_json($mech->content, encode_json({ + error => "Not Found", + help => 'For usage, please see: https://musicbrainz.org/development/mmd', + })); }; test 'browse releases via artist (paging)' => sub { diff --git a/t/lib/t/MusicBrainz/Server/Controller/WS/2/JSON/LookupArtist.pm b/t/lib/t/MusicBrainz/Server/Controller/WS/2/JSON/LookupArtist.pm index 1c492af65a7..c5f6614a6ab 100644 --- a/t/lib/t/MusicBrainz/Server/Controller/WS/2/JSON/LookupArtist.pm +++ b/t/lib/t/MusicBrainz/Server/Controller/WS/2/JSON/LookupArtist.pm @@ -22,12 +22,16 @@ test 'errors' => sub { is($mech->status, 400); is_json($mech->content, encode_json({ - error => "coffee is not a valid inc parameter for the artist resource." + error => "coffee is not a valid inc parameter for the artist resource.", + help => 'For usage, please see: https://musicbrainz.org/development/mmd', })); $mech->get('/ws/2/artist/00000000-1111-2222-3333-444444444444'); is($mech->status, 404); - is_json($mech->content, encode_json({ error => "Not Found" })); + is_json($mech->content, encode_json({ + error => "Not Found", + help => 'For usage, please see: https://musicbrainz.org/development/mmd', + })); }; test 'basic artist lookup' => sub {