fixes #4954

9 years ago · 093b21fc31
parent bf3b270c77
commit 093b21fc31
4 changed files with 38 additions and 2 deletions
--- a/public/language/en_GB/global.json
+++ b/public/language/en_GB/global.json
@ -7,8 +7,10 @@
 	"403.login": "Perhaps you should <a href='%1/login'>try logging in</a>?",
 	"404.title": "Not Found",
 	"404.message": "You seem to have stumbled upon a page that does not exist. Return to the <a href='%1/'>home page</a>.",
-	"500.title": "Internal error.",
+	"500.title": "Internal Error.",
 	"500.message": "Oops! Looks like something went wrong!",
+	"400.title": "Bad Request.",
+	"400.message": "It looks like this link is malformed, please double-check and try again. Otherwise, return to the <a href='%1/'>home page</a>.",

 	"register": "Register",
 	"login": "Login",
--- a/src/controllers/index.js
+++ b/src/controllers/index.js
@ -381,6 +381,35 @@ Controllers.handle404 = function(req, res) {
 	}
 };

+Controllers.handleURIErrors = function(err, req, res, next) {
+	// Handle cases where malformed URIs are passed in
+	if (err instanceof URIError) {
+		var tidMatch = req.path.match(/^\/topic\/(\d+)\//);
+		var cidMatch = req.path.match(/^\/category\/(\d+)\//);
+
+		if (tidMatch) {
+			res.redirect(nconf.get('relative_path') + tidMatch[0]);
+		} else if (cidMatch) {
+			res.redirect(nconf.get('relative_path') + cidMatch[0]);
+		} else {
+			winston.warn('[controller] Bad request: ' + req.path);
+			if (res.locals.isAPI) {
+				res.status(400).json({
+					error: '[[global:400.title]]'
+				});
+			} else {
+				req.app.locals.middleware.buildHeader(req, res, function() {
+					res.render('400', { error: validator.escape(String(err.message)) });
+				});
+			}
+		}
+
+		return;
+	} else {
+		next();
+	}
+};
+
 Controllers.handleErrors = function(err, req, res, next) {
 	switch (err.code) {
 		case 'EBADCSRFTOKEN':
@ -403,7 +432,7 @@ Controllers.handleErrors = function(err, req, res, next) {
 		res.json({path: validator.escape(path), error: err.message});
 	} else {
 		req.app.locals.middleware.buildHeader(req, res, function() {
-			res.render('500', {path: validator.escape(path), error: validator.escape(String(err.message))});
+			res.render('500', { path: validator.escape(path), error: validator.escape(String(err.message)) });
 		});
 	}
 };
--- a/src/routes/index.js
+++ b/src/routes/index.js
@ -153,6 +153,7 @@ module.exports = function(app, middleware, hotswapIds) {
 	}));
 	app.use('/vendor/jquery/timeago/locales', middleware.processTimeagoLocales);
 	app.use(controllers.handle404);
+	app.use(controllers.handleURIErrors);
 	app.use(controllers.handleErrors);

 	// Add plugin routes
--- a/src/views/400.tpl
+++ b/src/views/400.tpl
@ -0,0 +1,4 @@
+<div class="alert alert-danger">
+	<strong>[[global:400.title]]</strong>
+	<p>[[global:400.message, {config.relative_path}]]</p>
+</div>