From 71fce71c94b1e94ae3a7af17bfc141709b61c428 Mon Sep 17 00:00:00 2001
From: ThibG <thib@sitedethib.com>
Date: Thu, 14 May 2020 23:28:06 +0200
Subject: Fix webfinger returning wrong status code on malformed or missing
 param (#13759)

Fixes #13757
---
 app/controllers/well_known/webfinger_controller.rb | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

(limited to 'app/controllers')

diff --git a/app/controllers/well_known/webfinger_controller.rb b/app/controllers/well_known/webfinger_controller.rb
index 480e58f3f..9de9db6ba 100644
--- a/app/controllers/well_known/webfinger_controller.rb
+++ b/app/controllers/well_known/webfinger_controller.rb
@@ -8,7 +8,8 @@ module WellKnown
     before_action :set_account
     before_action :check_account_suspension
 
-    rescue_from ActiveRecord::RecordNotFound, ActionController::ParameterMissing, with: :not_found
+    rescue_from ActiveRecord::RecordNotFound, with: :not_found
+    rescue_from ActionController::ParameterMissing, WebfingerResource::InvalidRequest, with: :bad_request
 
     def show
       expires_in 3.days, public: true
@@ -37,6 +38,10 @@ module WellKnown
       expires_in(3.minutes, public: true) && gone if @account.suspended?
     end
 
+    def bad_request
+      head 400
+    end
+
     def not_found
       head 404
     end
-- 
cgit