fix(backend): return HTTP 404 for any unknown api endpoint paths (#10130)

* fix(backend): return HTTP 400 for any invalid api endpoint paths

* 404
This commit is contained in:
Kagami Sascha Rosylight 2023-02-27 10:01:43 +01:00 committed by GitHub
parent 81e6a21fe0
commit 647a018362
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 29 additions and 2 deletions

11
cypress/e2e/api.cy.js Normal file
View File

@ -0,0 +1,11 @@
describe('API', () => {
it('returns HTTP 404 to unknown API endpoint paths', () => {
cy.request({
url: '/api/foo',
failOnStatusCode: false,
}).then((response) => {
expect(response.status).to.eq(404);
expect(response.body.error.code).to.eq('UNKNOWN_API_ENDPOINT');
});
});
});

View File

@ -79,7 +79,7 @@ export class ApiServerService {
reply.send(); reply.send();
return; return;
} }
this.apiCallService.handleMultipartRequest(ep, request, reply); this.apiCallService.handleMultipartRequest(ep, request, reply);
}); });
} else { } else {
@ -93,7 +93,7 @@ export class ApiServerService {
reply.send(); reply.send();
return; return;
} }
this.apiCallService.handleRequest(ep, request, reply); this.apiCallService.handleRequest(ep, request, reply);
}); });
} }
@ -160,6 +160,22 @@ export class ApiServerService {
} }
}); });
// Make sure any unknown path under /api returns HTTP 404 Not Found,
// because otherwise ClientServerService will return the base client HTML
// page with HTTP 200.
fastify.get('*', (request, reply) => {
reply.code(404);
// Mock ApiCallService.send's error handling
reply.send({
error: {
message: 'Unknown API endpoint.',
code: 'UNKNOWN_API_ENDPOINT',
id: '2ca3b769-540a-4f08-9dd5-b5a825b6d0f1',
kind: 'client',
},
});
});
done(); done();
} }
} }