Invalid URIs flood the log output with stack traces

[wnortje]

Invalid URLs (e.g. /index.php?s=/Index/\x5C) cause puri:uri-parse-error errors which Hunchentoot catches and then prints a stack trace to the log output. This quickly floods the log file when the app is open to the internet.

This code works around the problem

(defmethod hunchentoot:maybe-invoke-debugger ((condition puri:uri-parse-error))
  (call-next-method)
  (hunchentoot:log-message* :error "~A" condition)
  (setf (hunchentoot:return-code*) hunchentoot:+HTTP-BAD-REQUEST+)
  (hunchentoot:abort-request-handler))

A better solution is probably for easy-routes to catch these errors and convert them to Hunchentoot's native error class and then let Hunchentoot deal with them.

[mmontone]

Thanks for reporting. I'll see if I apply your solution, or something else.

[vindarel]

my 2c: I've had a couple bugs with Puri, but none with Quri: https://github.com/fukamachi/quri

;; works:
(quri:parse-uri "/index.php?s=/Index/??=?")
=>
NIL
NIL
NIL
NIL
"/index.php"
"s=/Index/??=?"
NIL

;; with Puri: uri-parse-error

etc

[mmontone]

Good to know. I may try to switch to quri then..