From 4549a822999fb12b91a10f4da33d8d081913160a Mon Sep 17 00:00:00 2001 From: Tom Clegg Date: Wed, 22 Feb 2023 10:52:13 -0500 Subject: [PATCH] 19963: Fix crash on no-cache + invalid token. Arvados-DCO-1.1-Signed-off-by: Tom Clegg --- services/keep-web/handler.go | 2 +- services/keep-web/handler_test.go | 22 +++++++++++++++++++++- 2 files changed, 22 insertions(+), 2 deletions(-) diff --git a/services/keep-web/handler.go b/services/keep-web/handler.go index 0e964e4632..afaa51b0ff 100644 --- a/services/keep-web/handler.go +++ b/services/keep-web/handler.go @@ -410,7 +410,7 @@ func (h *handler) ServeHTTP(wOrig http.ResponseWriter, r *http.Request) { collectionDir, sessionFS, session, tokenUser = f, fs, sess, user break } - if forceReload { + if forceReload && collectionDir != nil { err := collectionDir.Sync() if err != nil { var statusErr interface{ HTTPStatus() int } diff --git a/services/keep-web/handler_test.go b/services/keep-web/handler_test.go index 0f7d507879..d368b4447f 100644 --- a/services/keep-web/handler_test.go +++ b/services/keep-web/handler_test.go @@ -531,6 +531,26 @@ func (s *IntegrationSuite) TestVhostRedirectQueryTokenToBogusCookie(c *check.C) ) } +func (s *IntegrationSuite) TestVhostRedirectWithNoCache(c *check.C) { + resp := s.testVhostRedirectTokenToCookie(c, "GET", + arvadostest.FooCollection+".example.com/foo", + "?api_token=thisisabogustoken", + http.Header{ + "Sec-Fetch-Mode": {"navigate"}, + "Cache-Control": {"no-cache"}, + }, + "", + http.StatusSeeOther, + "", + ) + u, err := url.Parse(resp.Header().Get("Location")) + c.Assert(err, check.IsNil) + c.Logf("redirected to %s", u) + c.Check(u.Host, check.Equals, s.handler.Cluster.Services.Workbench2.ExternalURL.Host) + c.Check(u.Query().Get("redirectToPreview"), check.Equals, "/c="+arvadostest.FooCollection+"/foo") + c.Check(u.Query().Get("redirectToDownload"), check.Equals, "") +} + func (s *IntegrationSuite) TestVhostRedirectQueryTokenSingleOriginError(c *check.C) { s.testVhostRedirectTokenToCookie(c, "GET", "example.com/c="+arvadostest.FooCollection+"/foo", @@ -739,7 +759,7 @@ func (s *IntegrationSuite) TestForwardSlashSubstitution(c *check.C) { base := "http://download.example.com/by_id/" + coll.OwnerUUID + "/" for tryURL, expectRegexp := range map[string]string{ - base: `(?ms).*href="./` + nameShownEscaped + `/"\S+` + nameShown + `.*`, + base: `(?ms).*href="./` + nameShownEscaped + `/"\S+` + nameShown + `.*`, base + nameShownEscaped + "/": `(?ms).*href="./filename"\S+filename.*`, } { u, _ := url.Parse(tryURL) -- 2.30.2