From 1cc587c03ea31a193b804779791ebc4be6e8ac36 Mon Sep 17 00:00:00 2001 From: Stephen Crosby Date: Mon, 14 Sep 2015 21:28:14 -0700 Subject: [PATCH] refs #934 catch and provide error on invalid xml --- app/controllers/notices_controller.rb | 2 ++ spec/controllers/notices_controller_spec.rb | 9 +++++++++ 2 files changed, 11 insertions(+), 0 deletions(-) diff --git a/app/controllers/notices_controller.rb b/app/controllers/notices_controller.rb index 6e1494c..235d34b 100644 --- a/app/controllers/notices_controller.rb +++ b/app/controllers/notices_controller.rb @@ -24,6 +24,8 @@ class NoticesController < ApplicationController else render :text => "Your API key is unknown", :status => 422 end + rescue Nokogiri::XML::SyntaxError + render :text => 'The provided XML was not well-formed', :status => 422 end # Redirects a notice to the problem page. Useful when using User Information at Airbrake gem. diff --git a/spec/controllers/notices_controller_spec.rb b/spec/controllers/notices_controller_spec.rb index 7646555..3ac34bf 100644 --- a/spec/controllers/notices_controller_spec.rb +++ b/spec/controllers/notices_controller_spec.rb @@ -7,6 +7,15 @@ describe NoticesController, type: 'controller' do let(:error_report) { double(:valid? => true, :generate_notice! => true, :notice => notice, :should_keep? => true) } context 'notices API' do + context "with bogus xml" do + it "returns an error" do + expect(request).to receive(:raw_post).and_return('notxml') + post :create, :format => :xml + expect(response.status).to eq(422) + expect(response.body).to eq('The provided XML was not well-formed') + end + end + context "with all params" do before do expect(ErrorReport).to receive(:new).with(xml).and_return(error_report) -- libgit2 0.21.2