Open issa-tseng opened 2 weeks ago
It didn't ring a bell when you mentioned it but now I'm pretty sure this was @lindsay-stevens pushing the limits with pyodk
. I think we discussed with @matthew-white and decided that we didn't need to support non-uuid instance ids. If that sounds right to everyone, I think we can close this!
Well, could we surface the error and not do anything instead of crashing? Maybe that's not any easier than just supporting that case?
we didn't need to support non-uuid instance ids
Should submissions with non-uuid instanceId values be rejected when initially submitted?
i'm not sure how the user input was inserted, but it feels like the hard crash should be addressed at least. bad input shouldn't crash the server, that's a DOS.
@issa-tseng where are you seeing the server crashing? I'm seeing the 404, but having trouble recreating the crash.
Recreated by running 20 requests in parallel:
{"message":"Could not find the resource you were looking for.","code":404.1}{"message":"Could not find the resource you were looking for.","code":404.1}{"message":"Could not find the resource you were looking for.","code":404.1}{"message":"Could not find the resource you were looking for.","code":404.1}{"message":"Could not find the resource you were looking for.","code":404.1}{"message":"Could not find the resource you were looking for.","code":404.1}{"message":"Could not find the resource you were looking for.","code":404.1}{"message":"Could not find the resource you were looking for.","code":404.1}{"message":"Could not find the resource you were looking for.","code":404.1}{"message":"Could not find the resource you were looking for.","code":404.1}{"message":"Could not find the resource you were looking for.","code":404.1}{"message":"Could not find the resource you were looking for.","code":404.1}{"message":"Could not find the resource you were looking for.","code":404.1}{"message":"Could not find the resource you were looking for.","code":404.1}{"message":"Could not find the resource you were looking for.","code":404.1}{"message":"Could not find the resource you were looking for.","code":404.1}{"message":"Could not find the resource you were looking for.","code":404.1}<html>
<head><title>502 Bad Gateway</title></head>
<body>
<center><h1>502 Bad Gateway</h1></center>
<hr><center>nginx</center>
</body>
</html>
<html>
<head><title>502 Bad Gateway</title></head>
<body>
<center><h1>502 Bad Gateway</h1></center>
<hr><center>nginx</center>
</body>
</html>
<html>
<head><title>502 Bad Gateway</title></head>
<body>
<center><h1>502 Bad Gateway</h1></center>
<hr><center>nginx</center>
</body>
</html>
It looks like the crash is caused by an unhandled error thrown by the synchronous call to selectFields()
on line 52:
the crash happens without any parallel reqs for me. my guess is you need it because docker is restarting the server faster than you can see. i click the link once my server crashes 100% of the time.
I want to be clear that I agree the crash should be prevented so glad to see #1158! I was also initially being fooled by the Docker restart.