linear[bot]
commented
2 years ago SKY-1169 Should URLs with malformed skylinks return a 401 on Account-Only portals?
## Describe the bug Non-existent subdomains are interpreted as incorrectly formed skylinks, and on account-only portals, an error is returned about not being authenticated instead of the expected "your skylink is bunk". ## To Reproduce Visit [https://asdfasdfsadfsadf.siasky.net/](https://asdfasdfsadfsadf.siasky.net/) and see "normal" behavior.\ Visit [https://asdfasdfsadfsadf.skynetfree.net/](https://asdfasdfsadfsadf.skynetfree.net/) and get asked to authenticate, even when logged in. ## Expected behavior Visiting the page should result in the user being informed their skylink is malformed. For not logged in users, either error will work.\ Or, we build a better error page? Or not assume the user is trying to access a skylink when the data doesn't match one of our established server subdomains? ## Screenshots [](https://uploads.linear.app/eda4353b-2c00-40e1-91f8-0994ee46dcfd/51f9f0ab-f3a4-4ada-a232-231271dac016/2015e7f5-f87a-4333-a923-53075758aa6b) [https://github.com/SkynetLabs/webportal-nginx/issues/26](https://github.com/SkynetLabs/webportal-nginx/issues/26)
codecov[bot]
kwypchlo
When trying to access skylink (especially via subdomain) we should check that the provided skylink is valid and return meaningful error message otherwise. Lack of validation is most noticeable when we return "401 Unauthenticated" error for invalid skylink for unauthenticated users instead of giving early feedback that skylink is not valid.
Before: user would get "401 Unauthenticated" error page After: user will get "400 Bad Request" page with plain test message explaining the issue (not a "pretty" page, that can be a follow up though)
Before:
After:
deployed to https://dev2.siasky.dev/ example: https://foo.dev2.siasky.dev/