Elgato_dark/fleet
1
0
Fork 0
mirror of https://github.com/fleetdm/fleet synced 2026-05-23 17:08:53 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 83

Website: Update body parser error handling. (#31427)

Browse source 
Closes: https://github.com/fleetdm/fleet/issues/31418

Changes:
- Updated the body parser middleware to return a 403 response if a
multi-part request is sent to a URL that could be for a static asset.
This commit is contained in:
Eric 2025-07-30 16:47:56 -05:00 committed by GitHub
parent cb4f1e447a
commit 1f11196b67
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
1 changed files with 3 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
website/config/http.js vendored
View file

@ -59,6 +59,9 @@ module.exports.http = {
// If an error occurs while parsing an incoming request body, we'll return a badRequest response if error.statusCode is between 400-500
if (_.isNumber(err.statusCode) && err.statusCode >= 400 && err.statusCode < 500) {
return res.status(400).send(err.message);
// If an error occurs and this was a request going to a static asset, return a 403 response.
} else if(req.url.match(sails.LOOKS_LIKE_ASSET_RX)) {
return res.status(403).send();
} else {
sails.log.error('Sending 500 ("Server Error") response: \n', err);
return res.status(500).send();