From 45a3a37aaa6fd4f6cec2f107acd3200ee0533e39 Mon Sep 17 00:00:00 2001
From: Gunnstein Lye <289744+glye@users.noreply.github.com>
Date: Thu, 17 Aug 2023 15:12:44 +0200
Subject: [PATCH 1/3] Make bad request exception generic unless in debug mode

---
 src/Controller/GraphController.php | 18 ++++++++++++++++--
 src/Resources/config/services.yaml | 1 +
 2 files changed, 17 insertions(+), 2 deletions(-)

diff --git a/src/Controller/GraphController.php b/src/Controller/GraphController.php
index cf7608487..baeafab52 100644
--- a/src/Controller/GraphController.php
+++ b/src/Controller/GraphController.php
@@ -10,6 +10,7 @@
 use Symfony\Component\HttpFoundation\JsonResponse;
 use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\HttpFoundation\Response;
+use Symfony\Component\HttpKernel\Exception\BadRequestHttpException;
 use function in_array;

 class GraphController
@@ -19,19 +20,22 @@ class GraphController
 private Parser $requestParser;
 private bool $shouldHandleCORS;
 private bool $useApolloBatchingMethod;
+ private bool $debugMode;

 public function __construct(
 BatchParser $batchParser,
 Executor $requestExecutor,
 Parser $requestParser,
 bool $shouldHandleCORS,
- string $graphQLBatchingMethod
+ string $graphQLBatchingMethod,
+ bool $debugMode
 ) {
 $this->batchParser = $batchParser;
 $this->requestExecutor = $requestExecutor;
 $this->requestParser = $requestParser;
 $this->shouldHandleCORS = $shouldHandleCORS;
 $this->useApolloBatchingMethod = 'apollo' === $graphQLBatchingMethod;
+ $this->debugMode = $debugMode;
 }

 /**
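Review bot: The new `$debugMode` property and constructor argument in the second hunk of patch 1/3 are undocumented, and the name does not say what the flag gates. In this series it decides whether a `BadRequestHttpException` is rethrown or converted into a 400 JSON response, so it controls how much error detail reaches clients. A one-line comment on the property would make that explicit, e.g. `/** When true, BadRequestHttpException is rethrown instead of being converted to a 400 JSON response. */`. The class body continues outside the hunk.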
@@ -61,7 +65,17 @@ private function createResponse(Request $request, ?string $schemaName, bool $bat
 if (!in_array($request->getMethod(), ['POST', 'GET'])) {
 return new JsonResponse('', 405);
 }
- $payload = $this->processQuery($request, $schemaName, $batched);
+
+ try {
+ $payload = $this->processQuery($request, $schemaName, $batched);
+ } catch(BadRequestHttpException $e) {
+ if ($this->debugMode) {
+ throw $e;
+ } else {
+ return new JsonResponse('', 400);
+ }
+ }
+
 $response = new JsonResponse($payload, 200);
 }
 $this->addCORSHeadersIfNeeded($response, $request);
diff --git a/src/Resources/config/services.yaml b/src/Resources/config/services.yaml
index 251820a79..50235ed59 100644
--- a/src/Resources/config/services.yaml
+++ b/src/Resources/config/services.yaml
@@ -88,6 +88,7 @@ services:
 - '@Overblog\GraphQLBundle\Request\Parser'
 - "%overblog_graphql.handle_cors%"
 - "%overblog_graphql.batching_method%"
+ - "%kernel.debug%"

 Overblog\GraphQLBundle\Definition\ConfigProcessor:
 arguments:

From e1c522f79363741f6f6c4d1fa113dc657a2e7de1 Mon Sep 17 00:00:00 2001
From: Gunnstein Lye <289744+glye@users.noreply.github.com>
Date: Fri, 18 Aug 2023 12:52:31 +0200
Subject: [PATCH 2/3] Add exception message to response, but not trace

---
 src/Controller/GraphController.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/Controller/GraphController.php b/src/Controller/GraphController.php
index baeafab52..c73fbe9e5 100644
--- a/src/Controller/GraphController.php
+++ b/src/Controller/GraphController.php
@@ -72,7 +72,7 @@ private function createResponse(Request $request, ?string $schemaName, bool $bat
 if ($this->debugMode) {
 throw $e;
 } else {
- return new JsonResponse('', 400);
+ return new JsonResponse($e->getMessage(), 400);
 }
 }

From 2f4b23bcb064fb9ae8b5842399762bd6c8b0671c Mon Sep 17 00:00:00 2001
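Review bot: The `return new JsonResponse('', 400);` in the new `catch` branch of patch 1/3 leaves `createResponse` before the `$this->addCORSHeadersIfNeeded($response, $request);` call visible at the end of the hunk, so the 400 goes out without the CORS headers (the pre-existing 405 return does the same). With CORS handling enabled, a cross-origin browser client would see an opaque CORS failure instead of the 400. Assigning the error response to `$response` and falling through keeps the header path shared, as sketched below. Catching here also means the exception no longer propagates out of the controller outside debug mode, so any logging of malformed requests that relied on it propagating should be confirmed. `createResponse` starts and ends outside the hunk.

```php
// … unchanged: method check returning 405 …
try {
    $payload = $this->processQuery($request, $schemaName, $batched);
    $response = new JsonResponse($payload, 200);
} catch (BadRequestHttpException $e) {
    if ($this->debugMode) {
        throw $e;
    }
    // Fall through so addCORSHeadersIfNeeded() still runs on the error response.
    $response = new JsonResponse('', 400);
}
```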
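Review bot: The non-debug branch in patch 2/3 now sends `$e->getMessage()` to the client verbatim, so what a caller learns depends on every `BadRequestHttpException` raised under `processQuery()`, which is not part of this diff. If any of those messages embeds request content or internal detail, it is now exposed in production; a comment stating the invariant would help, e.g. `// Exception message only (no trace); messages thrown under processQuery() must stay safe to show to clients.` The body is also a bare JSON string rather than a GraphQL-style error object, so clients that parse `errors` will not find it; if that shape is expected, `return new JsonResponse(['errors' => [['message' => $e->getMessage()]]], 400);` would match it. `createResponse` starts and ends outside the hunk.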
From: Gunnstein Lye <289744+glye@users.noreply.github.com>
Date: Fri, 23 Feb 2024 15:54:25 +0100
Subject: [PATCH 3/3] Set default value for debugMode

Co-authored-by: Jeremiah VALERIE
---
 src/Controller/GraphController.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/Controller/GraphController.php b/src/Controller/GraphController.php
index c73fbe9e5..45f677d60 100644
--- a/src/Controller/GraphController.php
+++ b/src/Controller/GraphController.php
@@ -28,7 +28,7 @@ public function __construct(
 Parser $requestParser,
 bool $shouldHandleCORS,
 string $graphQLBatchingMethod,
- bool $debugMode
+ bool $debugMode = false
 ) {
 $this->batchParser = $batchParser;
 $this->requestExecutor = $requestExecutor;