You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The instance should return a normal error message. The malformed query should be parsed correctly.
Additional details
In the UWSGI logs, you will see something like this:
Traceback (most recent call last):
File "/usr/lib/ckan/default/lib/python3.8/site-packages/flask/app.py", line 1516, in full_dispatch_request
rv = self.dispatch_request()
File "/usr/lib/ckan/default/lib/python3.8/site-packages/flask/app.py", line 1502, in dispatch_request
return self.ensure_sync(self.view_functions[rule.endpoint])(**req.view_args)
File "/usr/lib/ckan/default/src/ckan/ckan/config/middleware/../../views/group.py", line 174, in index
global_results = _action(u'group_list')(context,
File "/usr/lib/ckan/default/src/ckan/ckan/logic/__init__.py", line 580, in wrapped
result = _action(context, data_dict, **kw)
File "/usr/lib/ckan/default/src/ckan/ckan/logic/action/get.py", line 561, in organization_list
return _group_or_org_list(context, data_dict, is_org=True)
File "/usr/lib/ckan/default/src/ckan/ckan/logic/action/get.py", line 430, in _group_or_org_list
groups = query.all()
File "/usr/lib/ckan/default/lib/python3.8/site-packages/sqlalchemy/orm/query.py", line 2772, in all
return self._iter().all()
File "/usr/lib/ckan/default/lib/python3.8/site-packages/sqlalchemy/orm/query.py", line 2907, in _iter
result = self.session.execute(
File "/usr/lib/ckan/default/lib/python3.8/site-packages/sqlalchemy/orm/session.py", line 1712, in execute
result = conn._execute_20(statement, params or {}, execution_options)
File "/usr/lib/ckan/default/lib/python3.8/site-packages/sqlalchemy/engine/base.py", line 1705, in _execute_20
return meth(self, args_10style, kwargs_10style, execution_options)
File "/usr/lib/ckan/default/lib/python3.8/site-packages/sqlalchemy/sql/elements.py", line 333, in _execute_on_connection
return connection._execute_clauseelement(
File "/usr/lib/ckan/default/lib/python3.8/site-packages/sqlalchemy/engine/base.py", line 1572, in _execute_clauseelement
ret = self._execute_context(
File "/usr/lib/ckan/default/lib/python3.8/site-packages/sqlalchemy/engine/base.py", line 1943, in _execute_context
self._handle_dbapi_exception(
File "/usr/lib/ckan/default/lib/python3.8/site-packages/sqlalchemy/engine/base.py", line 2128, in _handle_dbapi_exception
util.raise_(exc_info[1], with_traceback=exc_info[2])
File "/usr/lib/ckan/default/lib/python3.8/site-packages/sqlalchemy/util/compat.py", line 208, in raise_
raise exception
File "/usr/lib/ckan/default/lib/python3.8/site-packages/sqlalchemy/engine/base.py", line 1900, in _execute_context
self.dialect.do_execute(
File "/usr/lib/ckan/default/lib/python3.8/site-packages/sqlalchemy/engine/default.py", line 736, in do_execute
cursor.execute(statement, parameters)
ValueError: A string literal cannot contain NUL (0x00) characters.
These are only a few examples. There are more of these that result in e.g. AttributeErrors as well. What I think is missing is some kind of validator for the search query.
The text was updated successfully, but these errors were encountered:
CKAN version
2.10.4
Describe the bug
Somebody or something is occasionally flooding my CKAN instance with malformed GET requests. These sometimes cause a 500 internal server error.
Steps to reproduce
Click one of these links:
Expected behavior
The instance should return a normal error message. The malformed query should be parsed correctly.
Additional details
In the UWSGI logs, you will see something like this:
These are only a few examples. There are more of these that result in e.g. AttributeErrors as well. What I think is missing is some kind of validator for the search query.
The text was updated successfully, but these errors were encountered: