search

zio / zio-http

A next-generation Scala framework for building scalable, correct, and efficient HTTP clients and servers
https://zio.dev/zio-http
Apache License 2.0
787 stars 396 forks source link

Warning header loses original exception when that exception contains invalid-for-netty-headers characters #2948

Closed anqit closed 1 month ago

anqit commented 3 months ago

Describe the bug I am using zio-http and quill to build a REST service. I create a request handler via Handler.fromFunctionZIO that calls into my DB via a quill. In one instance, I forgot to lift a variable when creating the query (ie I did id == someId instead of id == lift(someId). This causes quill to throw an IllegalStateException which is then treated as a fatal defect by the quill-created (I think? I don't think that's a relevant detail) ZIO instance. With sandbox turned on for my routes, the error handling mechanism attempts to turn the error into a warning response header. However, the error text for the IllegalStateException exception has a \n character in it, which fails netty's header validation (verifyValidHeaderValueCharSequence in HttpHeaderValidationUtil.java returns the index of the first \n in the string and not -1), causing the original error to be swallowed, and the warning response header to then contain the self-fulfilling meta Schrodinger's error Validation failed for header 'warning'.

To Reproduce Steps to reproduce the behaviour:

  1. Turn on sandbox (Server.serve(routes.sandbox))
  2. Call a route handled by a ZIO via Handler.fromFunctionZIO
  3. Have this ZIO fail fatally, and include a new line character in the exception error message

Expected behaviour The original error is returned in the warning header.

jdegoes commented 2 months ago

/bounty $75 to only form proper warning headers (note that warning headers will probably be removed shortly).

algora-pbc[bot] commented 2 months ago

πŸ’Ž $75 bounty β€’ ZIO

Steps to solve:

  1. Start working: Comment /attempt #2948 with your implementation plan
  2. Submit work: Create a pull request including /claim #2948 in the PR body to claim the bounty
  3. Receive payment: 100% of the bounty is received 2-5 days post-reward. Make sure you are eligible for payouts

Thank you for contributing to zio/zio-http!

Add a bounty β€’ Share on socials

Attempt Started (GMT+0) Solution
🟑 @uurl Aug 19, 2024, 2:59:11 AM WIP
🟒 @987Nabil #3050
uurl commented 1 month ago

/attempt #2948

algora-pbc[bot] commented 1 month ago

@uurl: Reminder that in 7 days the bounty will become up for grabs, so please submit a pull request before then πŸ™

algora-pbc[bot] commented 1 month ago

πŸŽ‰πŸŽˆ @987Nabil has been awarded $75! 🎈🎊