diff --git a/requirements.txt b/requirements.txt index bc079195938..ddbddcd3b5f 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,4 +1,4 @@ -canonicalwebteam.flask-base==0.9.3 +canonicalwebteam.flask-base==1.0.2 alembic==1.7.5 canonicalwebteam.http==1.0.3 canonicalwebteam.blog==6.4.0 @@ -27,5 +27,3 @@ macaroonbakery==1.3.1 sortedcontainers==2.4.0 vcrpy-unittest==0.1.7 webargs==7.0.1 -markupsafe==2.0.1 -itsdangerous==2.0.1 diff --git a/templates/404.html b/templates/404.html index 06901bcfa2e..d636f74468f 100755 --- a/templates/404.html +++ b/templates/404.html @@ -20,11 +20,13 @@

404: Page not found

- {% if message %} -

{{ message }}

- {% else %} -

Sorry, we couldn't find that page.

- {% endif %} +

+ {% if message %} + {{ message }} + {% else %} + Sorry, we couldn't find that page. + {% endif %} +

diff --git a/webapp/app.py b/webapp/app.py index 5650aabeb3f..eea346f3894 100644 --- a/webapp/app.py +++ b/webapp/app.py @@ -193,21 +193,23 @@ # Error pages @app.errorhandler(400) def bad_request_error(error): - return flask.render_template("400.html"), 400 + return flask.render_template("400.html", message=error.description), 400 -@app.errorhandler(SecurityAPIError) -def security_api_error(error): +@app.errorhandler(410) +def deleted_error(error): + return flask.render_template("410.html", message=error.description), 410 - message = error.response.json().get("message") - if error.response.status_code == 404: - return flask.render_template("404.html", message=message), 404 - else: - return ( - flask.render_template("security-error-500.html", message=message), - 500, - ) +@app.errorhandler(SecurityAPIError) +def security_api_error(error): + return ( + flask.render_template( + "security-error-500.html", + message=error.response.json().get("message"), + ), + 500, + ) @app.errorhandler(UAContractsValidationError) @@ -265,11 +267,6 @@ def ua_contracts_api_error_view(error): return flask.render_template("500.html"), 500 -@app.errorhandler(410) -def deleted_error(error): - return flask.render_template("410.html"), 410 - - # Template context @app.context_processor def context(): diff --git a/webapp/security/api.py b/webapp/security/api.py index e5afe77f813..a1d8809ce72 100644 --- a/webapp/security/api.py +++ b/webapp/security/api.py @@ -21,14 +21,12 @@ def _get(self, path: str, params={}): Defines get request set up, returns data if succesful, raises HTTP errors if not """ + uri = f"{self.base_url}{path}" response = self.session.get(uri, params=params) - try: - response.raise_for_status() - except HTTPError as error: - raise SecurityAPIError(error) + response.raise_for_status() return response @@ -40,7 +38,15 @@ def get_cve( Makes request for specific cve_id, returns json object if found """ - return self._get(f"cves/{id.upper()}.json").json() + + try: + cve_response = self._get(f"cves/{id.upper()}.json") + except HTTPError as error: + if error.response.status_code == 404: + return None + raise SecurityAPIError(error) + + return cve_response.json() def get_releases(self): """ @@ -48,4 +54,9 @@ def get_releases(self): returns json object if found """ - return self._get("releases.json").json() + try: + releases_response = self._get("releases.json") + except HTTPError as error: + raise SecurityAPIError(error) + + return releases_response.json() diff --git a/webapp/security/views.py b/webapp/security/views.py index 5854a21b0df..ac0e4d123f9 100644 --- a/webapp/security/views.py +++ b/webapp/security/views.py @@ -723,7 +723,7 @@ def cve(cve_id): cve = security_api.get_cve(cve_id) if not cve: - flask.abort(404) + flask.abort(404, f"Cannot find a CVE with ID '{cve_id}'") if cve.get("published"): cve["published"] = dateutil.parser.parse(cve["published"]).strftime(