From 7c98ba64aa3f64be9aff77f36c33d2d48d9653b4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Timo=20K=C3=B6sters?= Date: Sat, 15 Oct 2022 16:56:08 +0200 Subject: [PATCH] fix: HEAD requests should produce METHOD_NOT_ALLOWED --- src/api/client_server/directory.rs | 11 ++--------- src/api/client_server/sync.rs | 2 +- src/main.rs | 18 ++++++++++++------ 3 files changed, 15 insertions(+), 16 deletions(-) diff --git a/src/api/client_server/directory.rs b/src/api/client_server/directory.rs index a7381d8d..f07a2254 100644 --- a/src/api/client_server/directory.rs +++ b/src/api/client_server/directory.rs @@ -87,10 +87,7 @@ pub async fn set_room_visibility_route( if !services().rooms.metadata.exists(&body.room_id)? { // Return 404 if the room doesn't exist - return Err(Error::BadRequest( - ErrorKind::NotFound, - "Room not found", - )); + return Err(Error::BadRequest(ErrorKind::NotFound, "Room not found")); } match &body.visibility { @@ -116,13 +113,9 @@ pub async fn set_room_visibility_route( pub async fn get_room_visibility_route( body: Ruma, ) -> Result { - if !services().rooms.metadata.exists(&body.room_id)? { // Return 404 if the room doesn't exist - return Err(Error::BadRequest( - ErrorKind::NotFound, - "Room not found", - )); + return Err(Error::BadRequest(ErrorKind::NotFound, "Room not found")); } Ok(get_room_visibility::v3::Response { diff --git a/src/api/client_server/sync.rs b/src/api/client_server/sync.rs index 828ae19c..7de274b2 100644 --- a/src/api/client_server/sync.rs +++ b/src/api/client_server/sync.rs @@ -905,7 +905,7 @@ async fn sync_helper( let leave_shortstatekey = services() .rooms .short - .get_or_create_shortstatekey(&StateEventType::RoomMember, &sender_user.as_str())?; + .get_or_create_shortstatekey(&StateEventType::RoomMember, sender_user.as_str())?; left_state_ids.insert(leave_shortstatekey, left_event_id); diff --git a/src/main.rs b/src/main.rs index 626de3ae..a782de02 100644 --- a/src/main.rs +++ b/src/main.rs @@ -24,10 +24,13 @@ use figment::{ }; use http::{ header::{self, HeaderName}, - Method, Uri, + Method, StatusCode, Uri, }; use opentelemetry::trace::{FutureExt, Tracer}; -use ruma::api::{client::error::ErrorKind, IncomingRequest}; +use ruma::api::{ + client::{error::Error as RumaError, error::ErrorKind, uiaa::UiaaResponse}, + IncomingRequest, +}; use tokio::signal; use tower::ServiceBuilder; use tower_http::{ @@ -191,15 +194,18 @@ async fn run_server() -> io::Result<()> { async fn unrecognized_method( req: axum::http::Request, next: axum::middleware::Next, -) -> std::result::Result { +) -> std::result::Result { let method = req.method().clone(); let uri = req.uri().clone(); let inner = next.run(req).await; if inner.status() == axum::http::StatusCode::METHOD_NOT_ALLOWED { warn!("Method not allowed: {method} {uri}"); - return Ok( - Error::BadRequest(ErrorKind::Unrecognized, "Unrecognized request").into_response(), - ); + return Ok(RumaResponse(UiaaResponse::MatrixError(RumaError { + kind: ErrorKind::Unrecognized, + message: "M_UNRECOGNIZED: Unrecognized request".to_owned(), + status_code: StatusCode::METHOD_NOT_ALLOWED, + })) + .into_response()); } Ok(inner) }