Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Throw HTTP 400 error when idsite is invalid #6671

Merged
merged 8 commits into from Nov 16, 2014
Merged

Throw HTTP 400 error when idsite is invalid #6671

merged 8 commits into from Nov 16, 2014

Conversation

tsteur
Copy link
Member

@tsteur tsteur commented Nov 14, 2014

#6661 When idsite is set to 0 or incorrectly, Piwik Tracker requests will send a HTTP 500 error. This causes monitoring system to be triggered when in fact this is not a server error 500 but rather it is a error 400 Bad Request. Also if forced idVisitor is wrong. Not sure if there are many other use cases we'll have to add them on demand

tsteur
tsteur reviewed Nov 14, 2014
View reviewed changes
core/Common.php
}

if (strpos(PHP_SAPI, '-fcgi') === false) {
$key = $_SERVER['SERVER_PROTOCOL'];
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

SERVER_PROTOCOL should be safe and it should not be possible to inject values as the server is supposed to reject any invalid value. Let me know in case we should validate it in some way, not sure about all possible values

@mattab
Copy link
Member

mattab commented Nov 14, 2014

Looks great! 👍

@mattab mattab added this to the Piwik 2.10.0 milestone Nov 14, 2014
@tsteur
Copy link
Member Author

tsteur commented Nov 16, 2014

OK, going to merge.

tsteur added a commit that referenced this pull request Nov 16, 2014
@tsteur
Merge pull request #6671 from piwik/6661
0d967aa 
Throw HTTP 400 error when idsite is invalid
@tsteur tsteur merged commit 0d967aa into master Nov 16, 2014
@tsteur tsteur deleted the 6661 branch November 16, 2014 19:36
@tsteur tsteur added Enhancement For new feature suggestions that enhance Matomo's capabilities or add a new report, new API etc. Bug For errors / faults / flaws / inconsistencies etc. and removed Enhancement For new feature suggestions that enhance Matomo's capabilities or add a new report, new API etc. labels Nov 16, 2014
@tsteur tsteur self-assigned this Nov 16, 2014
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@tsteur tsteur

Labels
Bug For errors / faults / flaws / inconsistencies etc.
Projects
None yet
Milestone
2.10.0
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@tsteur @mattab