search

hspsh / whohacks

Who is at Hackerspace Pomorze?
https://whois.at.hsp.sh
GNU General Public License v3.0
13 stars 6 forks source link

when accessing page with a wrong cookie, user is greeted with internal server error #11

Closed mrozo closed 6 years ago

mrozo commented 6 years ago

Log from an instance deployed behind apache2 + mod wsgi:

[Sun Mar 25 21:22:57.287386 2018] [wsgi:error] [pid 8653:tid 140129043506944] [remote 192.168.88.149:22355]     return self.row_cache[item]                                                    
[Sun Mar 25 21:22:57.287397 2018] [wsgi:error] [pid 8653:tid 140129043506944] [remote 192.168.88.149:22355] IndexError: list index out of range                                                
[Sun Mar 25 21:22:57.287408 2018] [wsgi:error] [pid 8653:tid 140129043506944] [remote 192.168.88.149:22355]                                                                                    
[Sun Mar 25 21:22:57.287419 2018] [wsgi:error] [pid 8653:tid 140129043506944] [remote 192.168.88.149:22355] During handling of the above exception, another exception occurred:                
[Sun Mar 25 21:22:57.287431 2018] [wsgi:error] [pid 8653:tid 140129043506944] [remote 192.168.88.149:22355]                                                                                    
[Sun Mar 25 21:22:57.287441 2018] [wsgi:error] [pid 8653:tid 140129043506944] [remote 192.168.88.149:22355] Traceback (most recent call last):                                                 
[Sun Mar 25 21:22:57.287453 2018] [wsgi:error] [pid 8653:tid 140129043506944] [remote 192.168.88.149:22355]   File "/usr/local/lib/python3.5/dist-packages/flask/app.py", line 1982, in wsgi_ap
p                                              
[Sun Mar 25 21:22:57.287464 2018] [wsgi:error] [pid 8653:tid 140129043506944] [remote 192.168.88.149:22355]     response = self.full_dispatch_request()                                        
[Sun Mar 25 21:22:57.287476 2018] [wsgi:error] [pid 8653:tid 140129043506944] [remote 192.168.88.149:22355]   File "/usr/local/lib/python3.5/dist-packages/flask/app.py", line 1614, in full_di
spatch_request                                 
[Sun Mar 25 21:22:57.287488 2018] [wsgi:error] [pid 8653:tid 140129043506944] [remote 192.168.88.149:22355]     rv = self.handle_user_exception(e)                                             
[Sun Mar 25 21:22:57.287499 2018] [wsgi:error] [pid 8653:tid 140129043506944] [remote 192.168.88.149:22355]   File "/usr/local/lib/python3.5/dist-packages/flask/app.py", line 1517, in handle_
user_exception                                 
[Sun Mar 25 21:22:57.287511 2018] [wsgi:error] [pid 8653:tid 140129043506944] [remote 192.168.88.149:22355]     reraise(exc_type, exc_value, tb)                                               
[Sun Mar 25 21:22:57.287545 2018] [wsgi:error] [pid 8653:tid 140129043506944] [remote 192.168.88.149:22355]   File "/usr/local/lib/python3.5/dist-packages/flask/_compat.py", line 33, in reraise                                             
[Sun Mar 25 21:22:57.287558 2018] [wsgi:error] [pid 8653:tid 140129043506944] [remote 192.168.88.149:22355]     raise value                                                                    
[Sun Mar 25 21:22:57.287569 2018] [wsgi:error] [pid 8653:tid 140129043506944] [remote 192.168.88.149:22355]   File "/usr/local/lib/python3.5/dist-packages/flask/app.py", line 1612, in full_dispatch_request                                 
[Sun Mar 25 21:22:57.287581 2018] [wsgi:error] [pid 8653:tid 140129043506944] [remote 192.168.88.149:22355]     rv = self.dispatch_request()                                                   
[Sun Mar 25 21:22:57.287592 2018] [wsgi:error] [pid 8653:tid 140129043506944] [remote 192.168.88.149:22355]   File "/usr/local/lib/python3.5/dist-packages/flask/app.py", line 1598, in dispatch_request                                      
[Sun Mar 25 21:22:57.287604 2018] [wsgi:error] [pid 8653:tid 140129043506944] [remote 192.168.88.149:22355]     return self.view_functions[rule.endpoint](**req.view_args)                     
[Sun Mar 25 21:22:57.287615 2018] [wsgi:error] [pid 8653:tid 140129043506944] [remote 192.168.88.149:22355]   File "/home/whois/whois/web.py", line 51, in index                               
[Sun Mar 25 21:22:57.287626 2018] [wsgi:error] [pid 8653:tid 140129043506944] [remote 192.168.88.149:22355]     if current_user.is_authenticated:                                              
[Sun Mar 25 21:22:57.287638 2018] [wsgi:error] [pid 8653:tid 140129043506944] [remote 192.168.88.149:22355]   File "/usr/local/lib/python3.5/dist-packages/werkzeug/local.py", line 347, in __getattr__
[Sun Mar 25 21:22:57.287650 2018] [wsgi:error] [pid 8653:tid 140129043506944] [remote 192.168.88.149:22355]     return getattr(self._get_current_object(), name)
[Sun Mar 25 21:22:57.287661 2018] [wsgi:error] [pid 8653:tid 140129043506944] [remote 192.168.88.149:22355]   File "/usr/local/lib/python3.5/dist-packages/werkzeug/local.py", line 306, in _get_current_object
[Sun Mar 25 21:22:57.287673 2018] [wsgi:error] [pid 8653:tid 140129043506944] [remote 192.168.88.149:22355]     return self.__local()
[Sun Mar 25 21:22:57.287684 2018] [wsgi:error] [pid 8653:tid 140129043506944] [remote 192.168.88.149:22355]   File "/usr/local/lib/python3.5/dist-packages/flask_login/utils.py", line 26, in <lambda>
[Sun Mar 25 21:22:57.287696 2018] [wsgi:error] [pid 8653:tid 140129043506944] [remote 192.168.88.149:22355]     current_user = LocalProxy(lambda: _get_user())
[Sun Mar 25 21:22:57.287707 2018] [wsgi:error] [pid 8653:tid 140129043506944] [remote 192.168.88.149:22355]   File "/usr/local/lib/python3.5/dist-packages/flask_login/utils.py", line 335, in _get_user
[Sun Mar 25 21:22:57.287719 2018] [wsgi:error] [pid 8653:tid 140129043506944] [remote 192.168.88.149:22355]     current_app.login_manager._load_user()
[Sun Mar 25 21:22:57.287730 2018] [wsgi:error] [pid 8653:tid 140129043506944] [remote 192.168.88.149:22355]   File "/usr/local/lib/python3.5/dist-packages/flask_login/login_manager.py", line 359, in _load_user
[Sun Mar 25 21:22:57.287742 2018] [wsgi:error] [pid 8653:tid 140129043506944] [remote 192.168.88.149:22355]     return self.reload_user()
[Sun Mar 25 21:22:57.287753 2018] [wsgi:error] [pid 8653:tid 140129043506944] [remote 192.168.88.149:22355]   File "/usr/local/lib/python3.5/dist-packages/flask_login/login_manager.py", line 321, in reload_user
[Sun Mar 25 21:22:57.287765 2018] [wsgi:error] [pid 8653:tid 140129043506944] [remote 192.168.88.149:22355]     user = self.user_callback(user_id)
[Sun Mar 25 21:22:57.287776 2018] [wsgi:error] [pid 8653:tid 140129043506944] [remote 192.168.88.149:22355]   File "/home/whois/whois/web.py", line 26, in load_user
[Sun Mar 25 21:22:57.287787 2018] [wsgi:error] [pid 8653:tid 140129043506944] [remote 192.168.88.149:22355]     return User.get_by_id(user_id)
[Sun Mar 25 21:22:57.287799 2018] [wsgi:error] [pid 8653:tid 140129043506944] [remote 192.168.88.149:22355]   File "/usr/local/lib/python3.5/dist-packages/peewee.py", line 5162, in get_by_id
[Sun Mar 25 21:22:57.287810 2018] [wsgi:error] [pid 8653:tid 140129043506944] [remote 192.168.88.149:22355]     return cls.get(cls._meta.primary_key == pk)
[Sun Mar 25 21:22:57.287838 2018] [wsgi:error] [pid 8653:tid 140129043506944] [remote 192.168.88.149:22355]   File "/usr/local/lib/python3.5/dist-packages/peewee.py", line 5151, in get
[Sun Mar 25 21:22:57.287851 2018] [wsgi:error] [pid 8653:tid 140129043506944] [remote 192.168.88.149:22355]     return sq.get()
[Sun Mar 25 21:22:57.287862 2018] [wsgi:error] [pid 8653:tid 140129043506944] [remote 192.168.88.149:22355]   File "/usr/local/lib/python3.5/dist-packages/peewee.py", line 5539, in get       
[Sun Mar 25 21:22:57.287873 2018] [wsgi:error] [pid 8653:tid 140129043506944] [remote 192.168.88.149:22355]     (clone.model, sql, params))                                                    
[Sun Mar 25 21:22:57.287885 2018] [wsgi:error] [pid 8653:tid 140129043506944] [remote 192.168.88.149:22355] whois.database.UserDoesNotExist: <class 'whois.database.User'> instance matching query does not exist:                            
[Sun Mar 25 21:22:57.287897 2018] [wsgi:error] [pid 8653:tid 140129043506944] [remote 192.168.88.149:22355] SQL: SELECT "t1"."id", "t1"."username", "t1"."password", "t1"."display_name", "t1"."flags" FROM "user" AS "t1" WHERE ("t1"."id" = ?) LIMIT 1 OFFSET 0                             
[Sun Mar 25 21:22:57.287913 2018] [wsgi:error] [pid 8653:tid 140129043506944] [remote 192.168.88.149:22355] Params: [1]                                                                        
[Sun Mar 25 21:22:57.287965 2018] [wsgi:error] [pid 8653:tid 140129043506944] [remote 192.168.88.149:22355]                                                                                    
[Sun Mar 25 21:22:57.288947 2018] [wsgi:error] [pid 8653:tid 140129043506944] [2018-03-25 21:22:57,288] ERROR in web: <class 'whois.database.User'> instance matching query does not exist:    
[Sun Mar 25 21:22:57.288965 2018] [wsgi:error] [pid 8653:tid 140129043506944] SQL: SELECT "t1"."id", "t1"."username", "t1"."password", "t1"."display_name", "t1"."flags" FROM "user" AS "t1" WHERE ("t1"."id" = ?) LIMIT 1 OFFSET 0           
[Sun Mar 25 21:22:57.288980 2018] [wsgi:error] [pid 8653:tid 140129043506944] Params: [1]      
[Sun Mar 25 21:22:57.289031 2018] [wsgi:error] [pid 8653:tid 140129043506944]