Better REST error messages in case of exceptions [#1865594]

Comment	File	Size	Author
#25	robust-post-1865594-25.patch	9.45 KB	klausi

#25	robust-post-1865594-25-interdiff.txt	743 bytes	klausi
#23	robust-post-1865594-23.patch	9.45 KB	klausi

#23	robust-post-1865594-23-interdiff.txt	655 bytes	klausi
#15	robust-post-1865594-15.patch	9.46 KB	klausi

#13	robust-post-1865594-13.patch	9.64 KB	klausi

#13	robust-post-1865594-13-interdiff.txt	4.46 KB	klausi
#10	robust-post-1865594-10.patch	7.24 KB	klausi

#10	robust-post-1865594-10-interdiff.txt	5.02 KB	klausi
#5	robust-post-1865594-5.patch	3.98 KB	klausi

#5	robust-post-1865594-5-interdiff.txt	1.45 KB	klausi
#1	rest-robust-post-1865594-1.patch	4.3 KB	klausi

Comment #1

klausi

he/him||they/them

German

🇦🇹 Vienna

CreditAttribution: klausi commented 13 December 2012 at 12:01

Status:

Active

» Needs review

File	Size
rest-robust-post-1865594-1.patch	4.3 KB

Patch attached.

Log in or register to post comments

Comment #2

Anonymous (not verified) CreditAttribution: Anonymous commented 14 December 2012 at 15:13

IMHO, the deserializer should throw exceptions when the data doesn't meet expectations. The newest patch in #1852812: Use cache to get entity type/bundle metadata from JSON-LD @type URI throws exceptions on denormalize, so that needs to be wrapped in a try/catch. I also provide informative messages, so those should be passed through.

Log in or register to post comments

Comment #3

klausi

he/him||they/them

German

🇦🇹 Vienna

CreditAttribution: klausi commented 19 December 2012 at 12:25

Status:

Needs review

» Postponed

ok, postponing this on #1852812: Use cache to get entity type/bundle metadata from JSON-LD @type URI.

Log in or register to post comments

Comment #4

aspilicious CreditAttribution: aspilicious commented 22 December 2012 at 15:13

Status:

Postponed

» Needs work

Guess this needs work

Log in or register to post comments

Comment #5

klausi

he/him||they/them

German

🇦🇹 Vienna

CreditAttribution: klausi commented 17 January 2013 at 13:42

Status:

Needs work

» Needs review

File	Size
robust-post-1865594-5-interdiff.txt	1.45 KB
robust-post-1865594-5.patch	3.98 KB

Rerolled for exceptions.

Log in or register to post comments

Comment #6

Damien Tournoud CreditAttribution: Damien Tournoud commented 17 January 2013 at 13:53

Title:

Handle invalid POST request content

» Better error messages in case of invalid POST request content

The scope of this patch seems to have reduced dramatically. Retitling.

Log in or register to post comments

Comment #7

Anonymous (not verified) CreditAttribution: Anonymous commented 17 January 2013 at 14:20

The title might not have been clear, but I'm fairly certain the scope hasn't been changed at all (though klausi would know better).

Log in or register to post comments

Comment #8

klausi

he/him||they/them

German

🇦🇹 Vienna

CreditAttribution: klausi commented 17 January 2013 at 15:09

This does not improve only error messages, it also improves HTTP status codes (400 instead of 500). But yeah, we sort of handled invalid POST stuff already by simply blowing up a 500 fatal error.

While we are at it here are some more points for discussing REST error messages:
* Should we translate error messages with t()? I would say no, since they are not intended to be shown to end users.
* Should we protect error messages with error_displayable()? Since resource plugins return HttpExceptions I think it is clear that those are considered public, so they should never contain sensitive information. What about the serializer component? When looking through it I saw some UnexpectedValueExceptions that throw up libxml errors for example. Do we think that there could be ever sensitive data in it?

Log in or register to post comments

Comment #9

Crell CreditAttribution: Crell commented 21 January 2013 at 17:39

My knee-jerk thought is that error messages SHOULD be returned in the language and format specified in the request headers. However, I don't know how far we should push that. It depends on what the convention is around the web. Let's research that a bit and then let that guide our decision.

Log in or register to post comments

Comment #10

klausi

he/him||they/them

German

🇦🇹 Vienna

CreditAttribution: klausi commented 22 January 2013 at 14:31

Title:

Better error messages in case of invalid POST request content

» Better REST error messages in case of exceptions

File	Size
robust-post-1865594-10-interdiff.txt	5.02 KB
robust-post-1865594-10.patch	7.24 KB

Thinking more about it I guess it makes sense to just use t() around the exception error messages. We can simply leverage the language system and t() to figure out what the client wants and what is available.

I don't fully trust all levels of the serialization stack, so I kept the generic error message for serialization errors.

For now I hard-coded drupal_jsonld as content-type on error responses. text/plain might lead to parsing errors on primitive clients, so we should return our error message in the appropriate format (handling different formats should be done in other issues like #1850734: Make serialization formats configurable). An error response body in drupal_jsonld looks like this:

{
   "error": "Entity with ID 5 not found"
}

Log in or register to post comments

Comment #11

22 January 2013 at 16:16

Status:

Needs review

» Needs work

The last submitted patch, robust-post-1865594-10.patch, failed testing.

Log in or register to post comments

Comment #12

Anonymous (not verified) CreditAttribution: Anonymous commented 22 January 2013 at 17:57

So you're saying that no matter what exception is thrown in the serialization process, consumers will always see the same error message?

If that's correct, what's the reasoning for this? What does it protect us against?

There are a lot of things that consumers can get wrong when running a request against a service. I think it is waaaaay better to give them informative messages about what they got wrong.

Log in or register to post comments

Comment #13

klausi

he/him||they/them

German

🇦🇹 Vienna

CreditAttribution: klausi commented 24 January 2013 at 12:10

Status:

Needs work

» Needs review

File	Size
robust-post-1865594-13-interdiff.txt	4.46 KB
robust-post-1865594-13.patch	9.64 KB

Fixed the test cases.

My reasoning for swallowing the error messages was that they could reveal sensitive information, like path information such as /var/www/example.com/core/whatever. However, since that is only a minor security risk and the error messages are important for consumers I'm passing through the messages now. If we encounter any problems with that we can fix that later.

Log in or register to post comments

Comment #14

Crell CreditAttribution: Crell commented 24 January 2013 at 23:05

Log in or register to post comments

Comment #15

klausi

he/him||they/them

German

🇦🇹 Vienna

CreditAttribution: klausi commented 9 February 2013 at 00:15

Issue tags:

+WSCCI

File	Size
robust-post-1865594-15.patch	9.46 KB

linclark recommended https://www.youtube.com/watch?v=5WXYw4J4QOU , which talks about errors at 1:09:27. So I think we are doing it quite right here with wrapping the error in the requested format. The video does not mention translation of error messages. Not sure we should invent error number codes to identify particular errors, I think we can leave that open for a possible follow-up.

Patch did not apply anymore, rerolled.

Log in or register to post comments

Comment #16

Crell CreditAttribution: Crell commented 9 February 2013 at 01:01

One of the speakers here at SunshinePHP mentioned https://github.com/blongden/vnd.error, which looks very simple and just what we're looking for.

Log in or register to post comments

Comment #17

hpbruna CreditAttribution: hpbruna commented 9 February 2013 at 20:33

#5: robust-post-1865594-5.patch queued for re-testing.

Log in or register to post comments

Comment #18

Crell CreditAttribution: Crell commented 10 February 2013 at 17:26

+++ b/core/modules/rest/lib/Drupal/rest/Plugin/rest/resource/DBLogResource.php
@@ -58,6 +58,6 @@ public function get($id = NULL) {
+    throw new NotFoundHttpException(t('Log enttry with ID @id was not found', array('@id' => $id)));

Only one "t" in entry.

Thinking about it, we shouldn't do the exception handling in RequestHandler. We should allow the exception to propagate to an exception listener, which will turn it into a response following the vnd.error spec depending on the base type of the request. (xml or json)

Log in or register to post comments

Comment #19

Anonymous (not verified) CreditAttribution: Anonymous commented 10 February 2013 at 17:39

What's the reason for using vnd.error, instead of returning the response in the requested media type? Both would use the HTTP error code, so consumers will already know that it was an error.

Some consuming tools do not understand vendor prefixed media types, and it also limits us to XML and JSON responses, whereas our system is format agnostic. Does using the vendor prefixed media type give us an advantage?

Log in or register to post comments

Comment #20

Crell CreditAttribution: Crell commented 10 February 2013 at 17:59

The requested media type may not have a reasonable way to represent errors. JSON-LD may fold naturally to plain JSON, but then do we use a key "message", "messages", "errors", or...? SVG doesn't fall bak to anything sane. Atom's envelope is frickin' huge. :-)

After talking with folks at Sunshine PHP I checked the RFC: http://www.w3.org/Protocols/rfc2616/rfc2616-sec12.html

It's filled with lots of MAY, so I'm comfortable saying that asking for atom+xml and getting back vnd.error+xml is acceptable. It also means that then someone writing a new format doesn't need to think about the format and envelope for error messages, as we'll fold it to vnd.error for the appropriate parent type. (If someone is asking for something in non-XML or JSON, sure, they need to do something custom, but there aren't many of those.)

I'm assuming that a client wouldn't be checking the media type directly, vendor or otherwise. If you ask for Atom, you can expect to get back atom+xml on a 200 or vnd.error+xml on a 4xx/5xx. You can just build that assumption into your code fairly reliably.

Log in or register to post comments

Comment #21

Anonymous (not verified) CreditAttribution: Anonymous commented 10 February 2013 at 18:14

I may be mistaken, but we don't actually have the ability to discern a media type tree at this point, do we? That is to say, within the system we don't really have a way to say that JSON is the parent of JSON-LD.

The format structure that we work with is as follows (from Request::initializeFormats):

static::$formats = array(
            'html' => array('text/html', 'application/xhtml+xml'),
            'txt'  => array('text/plain'),
            'js'   => array('application/javascript', 'application/x-javascript', 'text/javascript'),
            'css'  => array('text/css'),
            'json' => array('application/json', 'application/x-json'),
            'xml'  => array('text/xml', 'application/xml', 'application/x-xml'),
            'rdf'  => array('application/rdf+xml'),
            'atom' => array('application/atom+xml'),
            'rss'  => array('application/rss+xml'),
        );

If we were add "application/ld+json" to the "json" array there, then we wouldn't be able to switch Normalizers as we currently do.

Maybe there's a way to distinguish in Symfony which I just haven't seen?

Log in or register to post comments

Comment #22

Crell CreditAttribution: Crell commented 10 February 2013 at 20:33

I don't know. I haven't dug that far into it. :-)

Log in or register to post comments

Comment #23

klausi

he/him||they/them

German

🇦🇹 Vienna

CreditAttribution: klausi commented 11 February 2013 at 12:23

File	Size
robust-post-1865594-23-interdiff.txt	655 bytes
robust-post-1865594-23.patch	9.45 KB

Fixed the typo mentioned in #18.

Using vnd.error might be interesting, but I think it is a bit out of scope for this issue. Let's fix the messages and the translation and the default media type here and leave it for another issue. Same for moving out the exception handling to a dedicated exception handler, not within the scope of this patch.