View Issue Details

IDProjectCategoryView StatusLast Update
0023184mantisbtbugtrackerpublic2017-08-10 02:44
ReporterdregadAssigned Todregad 
PrioritynormalSeverityminorReproducibilityalways
Status resolvedResolutionfixed 
Product Version 
Target Version2.6.0Fixed in Version2.6.0 
Summary0023184: AJAX calls with invalid endpoints fail with syntax error
Description

xmlhttprequest.php returns string unknown entry point when given an invalid endpoint (i.e. non-existing function).

This causes the AJAX call to fail with a syntax error, as it expects JSON data but receives text instead.

The code should return a proper HTTP error code instead.

Steps To Reproduce

AJAX script:

$.ajax({
    dataType: 'json',
    url: 'xmlhttprequest.php?entrypoint=undefined_function
    success: function(data) { alert(data); },
    error: function(xhr, textStatus, errorThrown) {
        console.error( 'Error', { error: errorThrown, request: this.url } );
    }
});

Console log:
22:44:32.918 Error Object { error: SyntaxError, request: "xmlhttprequest.php?entrypoint=undef…" } 1 plugin_file.php:42:5
dismiss/<.error http://localhost/mantis/plugin_file.php:42:5
n.Callbacks/i http://localhost/mantis/js/jquery-2.2.4.min.js:2:27146
n.Callbacks/j.fireWith http://localhost/mantis/js/jquery-2.2.4.min.js:2:27914
z http://localhost/mantis/js/jquery-2.2.4.min.js:4:12082
.send/c/< http://localhost/mantis/js/jquery-2.2.4.min.js:4:15619

error message: JSON.parse: unexpected character at line 1 column 1 of the JSON data

TagsNo tags attached.

Activities

Related Changesets

MantisBT: master c57a735d

2017-08-10 02:43:28

dregad

Details Diff
XHR: send HTTP 400 error for invalid entry point

Returning an HTTP error code from xmlhttprequest back to the caller
instead of just outputting some arbitrary text message ensures that the
client's call actually fails, without relying on the failure being
caused by mismatch in output type, or detecting the error by parsing the
output.

HTTP 400 (Bad Request) error code was chosen following discussion in
pull request https://github.com/mantisbt/mantisbt/pull/1139.

Fixes 0023184
mod - xmlhttprequest.php Diff File

Issue History

Date Modified Username Field Change
2017-08-04 16:49 dregad New Issue
2017-08-04 17:20 dregad Assigned To => dregad
2017-08-04 17:20 dregad Status new => assigned
2017-08-04 17:23 dregad Note Added: 0057393
2017-08-10 02:44 dregad Changeset attached => MantisBT master c57a735d
2017-08-10 02:44 dregad Status assigned => resolved
2017-08-10 02:44 dregad Resolution open => fixed
2017-08-10 02:44 dregad Fixed in Version => 2.6.0