- changed status to resolved
History (anime specific): incorrect error code for wrong creds
Issue #114
resolved
BRIEF
History (anime specific) method returns incorrect error code if request contains wrong credentials.
STEPS_TO_REPRODUCE
- Send "/2.1/anime/history/<id>" request with wrong credentials. For example, "TocoToucan:SomeWrongPassword".
- Read the response.
EXPECTED_RESULT
HTTP/1.1 401 Unauthorized
Cache-Control: no-cache
Content-Length: 24
Content-Type: application/json
Server: Microsoft-IIS/8.0
WWW-Authenticate: Basic realm="myanimelist.net"
X-Powered-By: PHP/7.0.7
X-Powered-By: ASP.NET
Set-Cookie: ARRAffinity=b96b6334c4991cf7cc4f86c76ba2f1a919857adea0e029521e8165a6e077c552;Path=/;Domain=myanimelistrt.azurewebsites.net
Date: Tue, 16 Aug 2016 17:28:58 GMT
{"error":"unauthorized"}
ACTUAL_RESULT
HTTP/1.1 500 Internal Server Error
Cache-Control: private
Content-Length: 57
Content-Type: application/json
Server: Microsoft-IIS/8.0
X-Powered-By: PHP/7.0.7
X-Powered-By: ASP.NET
Set-Cookie: ARRAffinity=b96b6334c4991cf7cc4f86c76ba2f1a919857adea0e029521e8165a6e077c552;Path=/;Domain=myanimelistrt.azurewebsites.net
Date: Tue, 16 Aug 2016 17:30:06 GMT
{"error":{"code":500,"message":"Internal Server Error"}}
ADDITIONAL_INFO
It returns correct code if request does not have Authorization header at all.
Comments (1)
-
- Log in to comment
Fix 500 in History Request
Code tried to get the user’s timezone without confirming that the login succeeded first, causing a 500 if the user credentials were incorrect. Moved timezone set to after the authentication check.
Fixes
#114→ <<cset a22a6975e60b>>