1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-12-24 14:30:56 +01:00
Commit graph

9 commits

Author SHA1 Message Date
epriestley
f74fa49636 Clean up a text string
Summary: Pretty sure this was me derping, not trying to make a joke.

Test Plan: New text makes sense.

Reviewers: btrahan, chad

Reviewed By: chad

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D11762
2015-02-13 07:03:09 -08:00
epriestley
08126d3904 Improve top-level exception handling
Summary:
Fixes T6692. Addresses two main issues:

  - The write guard would sometimes not get disposed of on exception pathways, generating an unnecessary secondary error which was just a symptom of the original root error.
    - This was generally confusing and reduced the quality of reports we received because users would report the symptomatic error sometimes instead of the real error.
    - Instead, reflow the handling so that we always dispose of the write guard if we create one.
  - If we missed the Controller-level error page generation (normally, a nice page with full CSS, etc), we'd jump straight to Startup-level error page generation (very basic plain text).
    - A large class of errors occur too early or too late to be handled by Controller-level pages, but many of these errors are not fundamental, and the plain text page is excessively severe.
    - Provide a mid-level simple HTML error page for errors which can't get full CSS, but also aren't so fundamental that we have no recourse but plain text.

Test Plan:
Mid-level errors now produce an intentional-looking error page:

{F259885}

Verified that setup errors still render properly.

@chad, feel free to tweak the exception page -- I just did a rough pass on it. Like the setup error stuff, it doesn't have Celerity, so we can't use `{$colors}` and no other CSS will be loaded.

Reviewers: chad, btrahan

Reviewed By: btrahan

Subscribers: epriestley, chad

Maniphest Tasks: T6692

Differential Revision: https://secure.phabricator.com/D11126
2015-01-02 10:49:27 -08:00
Joshua Spence
0a62f13464 Change double quotes to single quotes.
Summary: Ran `arc lint --apply-patches --everything` over rP, mainly to change double quotes to single quotes where appropriate. These changes also validate that the `ArcanistXHPASTLinter::LINT_DOUBLE_QUOTE` rule is working as expected.

Test Plan: Eyeballed it.

Reviewers: #blessed_reviewers, epriestley

Reviewed By: #blessed_reviewers, epriestley

Subscribers: epriestley, Korvin, hach-que

Differential Revision: https://secure.phabricator.com/D9431
2014-06-09 11:36:50 -07:00
James Rhodes
3b1a1ae7e3 [SECURITY] Prevented PhabricatorSetupIssueView from exposing sensitive config options.
Summary:
Currently PhabricatorSetupIssueView will show the current values of
configuration options regardless of whether or not they are defined
as hidden options.  This means that if the MySQL server stops, Phabricator
will present the MySQL connection credentials to anyone who can access
the Phabricator page.

Test Plan:
Stop the MySQL server for a Phabricator instance.  It should display 'hidden'
instead of the MySQL password.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D5596
2013-04-06 00:39:53 -07:00
epriestley
ef7f16180c Restore merge of phutil_tag. 2013-02-13 14:51:18 -08:00
epriestley
73cce6e131 Revert "Promote phutil-tag again"
This reverts commit 8fbabdc06d, reversing
changes made to 2dab1c1e42.
2013-02-13 14:08:57 -08:00
vrana
4eb84149c2 Convert everything to safe HTML
Summary: Sgrepped for `"=~/</"` and manually changed every HTML.

Test Plan: This doesn't work yet but it is hopefully one of the last diffs before Phabricator will be undoubtedly HTML safe.

Reviewers: epriestley

CC: aran, Korvin

Maniphest Tasks: T2432

Differential Revision: https://secure.phabricator.com/D4927
2013-02-13 12:35:40 -08:00
indiefan
bdecadfd11 Returning simple text error message instead of HTML for requests where HTML won't be rendered for the user. Fixes T2401.
Summary: If the check is too much, let me know. I noticed you send over __ajax__=true, so I figured it was safest to evaluate existance and value.

Test Plan: Included unit test. Would have included a test where __ajax__ and __conduit__ are not set, but without mocking this gives an uncatchable Fatal Error. If you want me to include it, just direct me on the mocking strategy.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2401

Differential Revision: https://secure.phabricator.com/D4719
2013-01-30 08:43:35 -08:00
epriestley
24845bec42 Port extension checks to new-style setup
Summary:
  - Allow new-style setup to raise fatal setup errors.
  - Port extension checks to new-style setup as fatal errors.
  - When fatal errors are raised, abort setup and show them in a chrome-free response.

Test Plan: {F29981}

Reviewers: btrahan, chad

Reviewed By: chad

CC: aran

Maniphest Tasks: T2228

Differential Revision: https://secure.phabricator.com/D4587
2013-01-22 15:16:26 -08:00