/**
* Log CSP report, with a different severity depending on $flags
- * @param $flags Array Flags for this report
- * @param $logLine String text of log entry
- * @param $context Array logging context
+ * @param array $flags Flags for this report
+ * @param string $logLine text of log entry
+ * @param array $context logging context
*/
private function logReport( $flags, $logLine, $context ) {
if ( in_array( 'false-positive', $flags ) ) {
/**
* Get extra notes about the report.
*
- * @param $report Array The CSP report
- * @return Array
+ * @param array $report The CSP report
+ * @return array
*/
private function getFlags( $report ) {
$reportOnly = $this->getParameter( 'reportonly' );
$req = $this->getRequest();
$contentType = $req->getHeader( 'content-type' );
if ( $contentType !== 'application/json'
- && $contentType !=='application/csp-report'
+ && $contentType !== 'application/csp-report'
) {
$this->error( 'wrongformat', __METHOD__ );
}
}
$status = FormatJson::parse( $postBody, FormatJson::FORCE_ASSOC );
if ( !$status->isGood() ) {
- list( $code, ) = $this->getErrorFromStatus( $status );
- $this->error( $code, __METHOD__ );
+ $msg = $status->getErrors()[0]['message'];
+ if ( $msg instanceof Message ) {
+ $msg = $msg->getKey();
+ }
+ $this->error( $msg, __METHOD__ );
}
$report = $status->getValue();
/**
* Get text of log line.
*
- * @param $flags Array of additional markers for this report
- * @param $report Array the csp report
- * @return String Text to put in log
+ * @param array $flags of additional markers for this report
+ * @param array $report the csp report
+ * @return string Text to put in log
*/
private function generateLogLine( $flags, $report ) {
$flagText = '';
/**
* Stop processing the request, and output/log an error
*
- * @param $code String error code
- * @param $method String method that made error
- * @throws UsageException Always
+ * @param string $code error code
+ * @param string $method method that made error
+ * @throws ApiUsageException Always
*/
private function error( $code, $method ) {
$this->log->info( 'Error reading CSP report: ' . $code, [
'method' => $method,
'user-agent' => $this->getRequest()->getHeader( 'user-agent' )
] );
- // 500 so it shows up in browser's developer console.
- $this->dieUsage( "Error processing CSP report: $code", 'cspreport-' . $code, 500 );
+ // Return 400 on error for user agents to display, e.g. to the console.
+ $this->dieWithError(
+ [ 'apierror-csp-report', wfEscapeWikiText( $code ) ], 'cspreport-' . $code, [], 400
+ );
}
public function getAllowedParams() {
dépôts / lhc / web / wiklou.git / blobdiff