From: Niels Thykier <niels@thykier.net>
Date: Sun, 21 Aug 2016 10:24:20 +0000 (+0000)
Subject: quitcgi: Return 400/500 status codes
X-Git-Tag: release/2.6.0~168
X-Git-Url: https://git.donarmstrong.com/?a=commitdiff_plain;h=235a779bdb026b6357e95053e1d7faaab87e8931;p=debbugs.git

quitcgi: Return 400/500 status codes

Signed-off-by: Niels Thykier <niels@thykier.net>
---

diff --git a/Debbugs/CGI.pm b/Debbugs/CGI.pm
index cd5f6e3f..393b4060 100644
--- a/Debbugs/CGI.pm
+++ b/Debbugs/CGI.pm
@@ -292,7 +292,9 @@ sub cgi_parameters {
 
 
 sub quitcgi {
-    my $msg = shift;
+    my ($msg, $status) = @_;
+    $status //= '500 Internal Server Error';
+    print "Status: $status\n";
     print "Content-Type: text/html\n\n";
     print fill_in_template(template=>'cgi/quit',
 			   variables => {msg => $msg}
diff --git a/cgi/bugreport.cgi b/cgi/bugreport.cgi
index 9b445ce6..7a949821 100755
--- a/cgi/bugreport.cgi
+++ b/cgi/bugreport.cgi
@@ -60,8 +60,8 @@ my %param = cgi_parameters(query => $q,
 			  );
 # This is craptacular.
 
-my $ref = $param{bug} or quitcgi("No bug number");
-$ref =~ /(\d+)/ or quitcgi("Invalid bug number");
+my $ref = $param{bug} or quitcgi("No bug number", '400 Bad Request');
+$ref =~ /(\d+)/ or quitcgi("Invalid bug number", '400 Bad Request');
 $ref = $1;
 my $short = "#$ref";
 my ($msg) = $param{msg} =~ /^(\d+)$/ if exists $param{msg};
diff --git a/cgi/pkgindex.cgi b/cgi/pkgindex.cgi
index 793cda25..a43428a6 100755
--- a/cgi/pkgindex.cgi
+++ b/cgi/pkgindex.cgi
@@ -43,14 +43,14 @@ elsif (defined $param{prev}) {
 
 my $indexon = $param{indexon};
 if ($param{indexon} !~ m/^(pkg|src|maint|submitter|tag)$/) {
-    quitcgi("You have to choose something to index on");
+    quitcgi("You have to choose something to index on", '400 Bad Request');
 }
 
 my $repeatmerged = $param{repeatmerged} eq 'yes';
 my $archive = $param{archive} eq "yes";
 my $sortby = $param{sortby};
 if ($sortby !~ m/^(alpha|count)$/) {
-    quitcgi("Don't know how to sort like that");
+    quitcgi("Don't know how to sort like that", '400 Bad Request');
 }
 
 my $Archived = $archive ? " Archived" : "";
diff --git a/cgi/pkgreport.cgi b/cgi/pkgreport.cgi
index 1ea9a17a..455df20c 100755
--- a/cgi/pkgreport.cgi
+++ b/cgi/pkgreport.cgi
@@ -275,7 +275,8 @@ if (defined $param{usertag}) {
      }
 }
 
-quitcgi("You have to choose something to select by") unless grep {exists $param{$_}} keys %package_search_keys;
+quitcgi("You have to choose something to select by", '400 Bad Request')
+  unless grep {exists $param{$_}} keys %package_search_keys;
 
 
 my $Archived = $param{archive} ? " Archived" : "";
diff --git a/examples/debian/misc/bugspam.cgi b/examples/debian/misc/bugspam.cgi
index 0e941655..46bc17f6 100755
--- a/examples/debian/misc/bugspam.cgi
+++ b/examples/debian/misc/bugspam.cgi
@@ -3,8 +3,10 @@
 use strict;
 use CGI qw(param remote_host);
 
-sub quitcgi($) {
-    my $msg = shift;
+sub quitcgi($;$) {
+    my ($msg, $status) = @_;
+    $status //= '500 Internal Server Error';
+    print "Status: $status\n";
     print "Content-Type: text/html\n\n";
     print "<HTML><HEAD><TITLE>Error</TITLE></HEAD><BODY>\n";
     print "An error occurred. Dammit.\n";
@@ -13,8 +15,8 @@ sub quitcgi($) {
     exit 0;
 }
 
-my $bug = param('bug') or quitcgi('No bug specfied');
-quitcgi('No valid bug number') unless $bug =~ /^\d{3,6}$/;
+my $bug = param('bug') or quitcgi('No bug specfied', '400 Bad Request');
+quitcgi('No valid bug number', '400 Bad Request') unless $bug =~ /^\d{3,6}$/;
 my $remote_host = remote_host or quitcgi("No remote host");
 my $ok = param('ok');
 if (not defined $ok) {