Closed lennartdohmann closed 3 weeks ago
@unglaublicherdude
This is the new error message we are not able to customize for the end user.
30.0.1 will remove the exit in sendResponse: https://github.com/nextcloud/server/commit/337df1f7600c32c91543dcfef9d476b4f49e85cc
One more question: Only for sever version 30? I think the ‘exit()’ has been already backported into all major versions in these PR's, or am I seeing this wrong? Or will this change also be backported from 30.0.1 onwards? Thanks!
The backports for 25, 26 and 27 were corrected before merging. For 28 and 29 a follow-up exists to remove the exit again together with other fixes.
⚠️ This issue respects the following points: ⚠️
Bug description
The PR linked here has caused a change in behavior for us (G DATA CyberDefense AG with our antivirus app) with undesirable consequences for the end customer.
Our app hooks into the upload process during file uploads to check a file for unwanted content during upload. If malware is found, the upload is blocked and the user receives a corresponding self defined error message.
This is exactly where we have been throwing this exception so far.
Before the PR, this led to us getting this error message when uploading via the HTTP API:
When uploading via the UI, the customer was shown our defined error message.
After merging this PR, the error message via the API is now as follows for us and the end customer:
When debugging, we noticed that a new listener is called on 'exception' and this is called. This listener calls sendResponse what causes an exit() here. This exit causes that our custom error message is no longer displayed to the end customer.
Steps to reproduce
Expected behavior
The code after this try/catch block previously caused our own error message to come through, but due to the exit in the Emit() as described above, this code is no longer executed.
Nextcloud Server version
30
Operating system
Debian/Ubuntu
PHP engine version
PHP 8.1
Web server
Apache (supported)
Database engine version
SQlite
Is this bug present after an update or on a fresh install?
Fresh Nextcloud Server install
Are you using the Nextcloud Server Encryption module?
Encryption is Disabled
What user-backends are you using?
Configuration report
List of activated Apps
Nextcloud Signing status
No response
Nextcloud Logs
No response
Additional info
No response