You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Traceback (most recent call last):
File "/usr/lib/python2.7/site-packages/paste/deploy/config.py", line 291, in __call__
return self.app(environ, start_response)
File "/usr/lib/python2.7/site-packages/pyramid/router.py", line 242, in __call__
response = self.invoke_subrequest(request, use_tweens=True)
File "/usr/lib/python2.7/site-packages/pyramid/router.py", line 217, in invoke_subrequest
response = handle_request(request)
File "/usr/lib/python2.7/site-packages/pyramid/tweens.py", line 46, in excview_tween
response = view_callable(exc, request)
File "/usr/lib/python2.7/site-packages/pyramid/config/views.py", line 385, in viewresult_to_response
result = view(context, request)
File "/usr/lib/python2.7/site-packages/pyramid/tweens.py", line 21, in excview_tween
response = handler(request)
File "/usr/lib/python2.7/site-packages/pyramid_tm/__init__.py", line 82, in tm_tween
reraise(*exc_info)
File "/usr/lib/python2.7/site-packages/pyramid_tm/__init__.py", line 63, in tm_tween
response = handler(request)
File "/usr/lib/python2.7/site-packages/pyramid/router.py", line 163, in handle_request
response = view_callable(context, request)
File "/usr/lib/python2.7/site-packages/pyramid/config/views.py", line 355, in rendered_view
result = view(context, request)
File "/usr/lib/python2.7/site-packages/pyramid/config/views.py", line 501, in _requestonly_view
response = view(request)
File "/usr/lib/python2.7/site-packages/bodhi/captcha.py", line 119, in captcha_image
plainkey = decrypt(cipherkey, request.registry.settings)
File "/usr/lib/python2.7/site-packages/bodhi/captcha.py", line 112, in decrypt
plaintext = engine.decrypt(ciphertext, ttl=int(settings['captcha.ttl']))
File "/usr/lib64/python2.7/site-packages/cryptography/fernet.py", line 93, in decrypt
raise InvalidToken
InvalidToken
The text was updated successfully, but these errors were encountered:
The main case here is where we handle HTTPGone. The vast majority of our
production tracebacks are from here where (somehow) people are loading forms
that generate captchas (which works) and then way later, they are requesting
those same captcha images again (over 300 seconds later.. that's like 5
minutes). I *bet* this is happening if someone has a bodhi update page open,
and then their browser crashes and tries to restore its previous state, or
something like that.
Anyways, this patch adds a catch to that main "captcha is expired"
``InvalidToken`` traceback that is spamming our logs. It turns it into a 410
Gone statuscode, which makes sense. While testing it, I tried passing in
garbage which generated a different ``TypeError`` from the base64 module, so I
caught that too.
Fixes#237.
The main case here is where we handle HTTPGone. The vast majority of our
production tracebacks are from here where (somehow) people are loading forms
that generate captchas (which works) and then way later, they are requesting
those same captcha images again (over 300 seconds later.. that's like 5
minutes). I *bet* this is happening if someone has a bodhi update page open,
and then their browser crashes and tries to restore its previous state, or
something like that.
Anyways, this patch adds a catch to that main "captcha is expired"
``InvalidToken`` traceback that is spamming our logs. It turns it into a 410
Gone statuscode, which makes sense. While testing it, I tried passing in
garbage which generated a different ``TypeError`` from the base64 module, so I
caught that too.
Fixes#237.
Traceback from production:
The text was updated successfully, but these errors were encountered: