Kyutech-C3 / toybox-server

ToyBox backend development repository

Service outage caused by POSTing an invalid id #125

Open t3mp-0xCC opened 2 years ago

t3mp-0xCC commented 2 years ago

When a request containing an invalid id like the one below is sent while posting a work, the works listing returns 500 (Internal Server Error) and can no longer be viewed.

POST /api/v1/works?post_discord=true HTTP/2
Host: kodomobeya.compositecomputer.club
Content-Length: 269
Sec-Ch-Ua: "Chromium";v="107", "Not=A?Brand";v="24"
Accept: application/json, text/plain, */*
Content-Type: application/json
Sec-Ch-Ua-Mobile: ?0
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJoYXlhYnVzYS5rYWl5b3VAZ21haWwuY29tIiwidG9rZW5fdHlwZSI6ImJlYXJlciIsImV4cCI6MTY2ODM1Mzg2MH0.42C18yeGywc0J4tvMArcCNcbdTIdtGrufztMkQr32dE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.63 Safari/537.36
Sec-Ch-Ua-Platform: "Linux"
Origin: https://toybox.compositecomputer.club
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://toybox.compositecomputer.club/
Accept-Encoding: gzip, deflate
Accept-Language: ja,en-US;q=0.9,en;q=0.8

{
    "title":"Dangerous Toy",
    "description":"I ganna down the toybox server",
    "visibility":"private",
    "thumbnail_asset_id":"deadbeef",
    "assets_id":["deadbeef"],
    "urls":[],
    "tags_id":["deadbeef"]
}

A normal request looks like this:

POST /api/v1/works?post_discord=true HTTP/2
Host: kodomobeya.compositecomputer.club
Content-Length: 269
Sec-Ch-Ua: "Chromium";v="107", "Not=A?Brand";v="24"
Accept: application/json, text/plain, */*
Content-Type: application/json
Sec-Ch-Ua-Mobile: ?0
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJoYXlhYnVzYS5rYWl5b3VAZ21haWwuY29tIiwidG9rZW5fdHlwZSI6ImJlYXJlciIsImV4cCI6MTY2ODM1Mzg2MH0.42C18yeGywc0J4tvMArcCNcbdTIdtGrufztMkQr32dE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.63 Safari/537.36
Sec-Ch-Ua-Platform: "Linux"
Origin: https://toybox.compositecomputer.club
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://toybox.compositecomputer.club/
Accept-Encoding: gzip, deflate
Accept-Language: ja,en-US;q=0.9,en;q=0.8

{
    "title":"Dangerous Toy",
    "description":"I ganna down the toybox server",
    "visibility":"private",
    "thumbnail_asset_id":"d3e8606e-f5a4-4a89-a4d4-64f5a043c63f",
    "assets_id":["f77c3ad2-0166-4e3b-bf23-26fdcd206222"],
    "urls":[],
    "tags_id":["e5b3e6b2-7c26-42a4-a163-c3803519e2e2"]
}

The request that gets a 500, together with the response, is as follows:

GET /api/v1/works HTTP/2
Host: kodomobeya.compositecomputer.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:106.0) Gecko/20100101 Firefox/106.0
Accept: application/json, text/plain, */*
Accept-Language: ja,en-US;q=0.7,en;q=0.3
Accept-Encoding: gzip, deflate, br
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJoYXlhYnVzYS5rYWl5b3VAZ21haWwuY29tIiwidG9rZW5fdHlwZSI6ImJlYXJlciIsImV4cCI6MTY2ODM1NDE5NX0.nrPTmIjsVC0R-7QZ_jTToZOg_IqE3oWuMtuHI93ZdKU
Origin: https://toybox.compositecomputer.club
DNT: 1
Connection: keep-alive
Referer: https://toybox.compositecomputer.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Sec-GPC: 1
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 500 Internal Server Error
date: Sun, 13 Nov 2022 15:28:27 GMT
content-type: text/plain; charset=utf-8
content-length: 21
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yx9lvE4ql27OUwn9%2FEHQbAPbLNc%2FJ77dRYLKkUuFZf7A2VQZj0A7SaXXD4zJ8mIb4QSCyKFIzPKbYjGRaXI7bcvc%2FvpUvqnMFiYrzQHMtIg3xWuP9lrMJrRvcB0sGZROvWLM5zStYh4WROwIvyqChYGcUhI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7698898afb9580fc-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
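The report above shows the classic shape of a stored-data denial of service: the write path accepts an id that never passes validation, and the read path that every client shares then fails. The following is an added example, not code from toybox-server, that models that path and the check that closes it. The project's real framework, schema and the exact line that raised the 500 are not shown on the issue, so the in-memory `ASSETS`/`TAGS` tables, the allowed `VISIBILITIES` set, the `post_works`/`get_works` stand-ins and the assumption that the listing fails while resolving a dangling id are all assumptions made for illustration; the ids and body fields are taken from the requests posted above.

```python
"""Added example: validating ids in POST /api/v1/works before they are stored.

Not the toybox-server implementation. ASSETS, TAGS, VISIBILITIES and the
request/response stand-ins are assumptions for illustration.
"""
import uuid

# Constructed sample rows standing in for the assets and tags tables.
ASSETS = {
    "d3e8606e-f5a4-4a89-a4d4-64f5a043c63f": {"filename": "thumbnail.png"},
    "f77c3ad2-0166-4e3b-bf23-26fdcd206222": {"filename": "toy.zip"},
}
TAGS = {"e5b3e6b2-7c26-42a4-a163-c3803519e2e2": {"name": "game"}}
VISIBILITIES = {"public", "private", "draft"}  # assumed set of allowed values

REQUIRED = ("title", "description", "visibility", "thumbnail_asset_id",
            "assets_id", "urls", "tags_id")


class ValidationError(ValueError):
    """A bad request body; the handler maps it to 4xx instead of crashing later."""


def parse_uuid(value, field):
    """Normalise `value` to canonical UUID text or reject it with the field name."""
    if not isinstance(value, str):
        raise ValidationError(f"{field}: expected a string, got {type(value).__name__}")
    try:
        return str(uuid.UUID(value))
    except ValueError:
        raise ValidationError(f"{field}: {value!r} is not a UUID") from None


def validate_work(body):
    """Check shape, id format and referential integrity; return a cleaned copy."""
    if not isinstance(body, dict):
        raise ValidationError("body must be a JSON object")
    for key in REQUIRED:
        if key not in body:
            raise ValidationError(f"{key}: missing")
    if not isinstance(body["title"], str) or not body["title"].strip():
        raise ValidationError("title: must be a non-empty string")
    if body["visibility"] not in VISIBILITIES:
        raise ValidationError(f"visibility: {body['visibility']!r} not allowed")
    for key in ("assets_id", "urls", "tags_id"):
        if not isinstance(body[key], list):
            raise ValidationError(f"{key}: must be a list")

    thumb = parse_uuid(body["thumbnail_asset_id"], "thumbnail_asset_id")
    assets = [parse_uuid(a, "assets_id") for a in body["assets_id"]]
    tags = [parse_uuid(t, "tags_id") for t in body["tags_id"]]

    # Format alone is not enough: a well-formed UUID that matches no row would
    # break the listing just as badly, so existence is checked as well.
    for aid in [thumb, *assets]:
        if aid not in ASSETS:
            raise ValidationError(f"asset {aid} does not exist")
    for tid in tags:
        if tid not in TAGS:
            raise ValidationError(f"tag {tid} does not exist")
    return {**body, "thumbnail_asset_id": thumb, "assets_id": assets, "tags_id": tags}


def post_works(store, body, validate=True):
    """Stand-in for POST /api/v1/works, returning (status, payload).

    validate=False reproduces the failure mode from the issue: whatever ids
    the client sent are persisted as-is.
    """
    if validate:
        try:
            body = validate_work(body)
        except ValidationError as err:
            return 422, {"detail": str(err)}
    work = {"id": str(uuid.uuid4()), **body}
    store.append(work)
    return 201, {"id": work["id"]}


def render_works(store):
    """Resolve every stored id against its table; a dangling id raises KeyError."""
    return [{
        "id": w["id"],
        "title": w["title"],
        "thumbnail": ASSETS[w["thumbnail_asset_id"]]["filename"],
        "assets": [ASSETS[a]["filename"] for a in w["assets_id"]],
        "tags": [TAGS[t]["name"] for t in w["tags_id"]],
    } for w in store]


def get_works(store):
    """Stand-in for GET /api/v1/works; one bad row takes the listing down for everyone."""
    try:
        return 200, render_works(store)
    except KeyError as err:
        return 500, f"Internal Server Error: no row for id {err.args[0]!r}"


# Bodies taken from the two requests in the issue.
GOOD_BODY = {
    "title": "Dangerous Toy", "description": "I ganna down the toybox server",
    "visibility": "private",
    "thumbnail_asset_id": "d3e8606e-f5a4-4a89-a4d4-64f5a043c63f",
    "assets_id": ["f77c3ad2-0166-4e3b-bf23-26fdcd206222"], "urls": [],
    "tags_id": ["e5b3e6b2-7c26-42a4-a163-c3803519e2e2"],
}
BAD_BODY = {**GOOD_BODY, "thumbnail_asset_id": "deadbeef",
            "assets_id": ["deadbeef"], "tags_id": ["deadbeef"]}
```

Two points carry over to the real fix regardless of framework: reject the body before anything is written, so a malformed or dangling id never reaches the table the shared listing reads from, and answer with a 4xx that names the offending field rather than letting the exception propagate, since a 500 on a list endpoint affects every user, not only the one who sent the bad request. In a database-backed service the existence check is the foreign-key constraint; the format check still belongs in the request schema so the error is reported at the POST.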
t3mp-0xCC commented 2 years ago

I'll handle the fix myself as well.