commit c05c3edd1cea2f522b6e4742f8cf86a27bc6f4a7
parent 76bf9fd02a800826056d37036cd33f927259adfa
Author: Christian Grothoff <christian@grothoff.org>
Date: Sat, 7 Mar 2026 15:40:23 +0100
not all mustach templates will be HTML, avoid setting that mime-type
Diffstat:
5 files changed, 141 insertions(+), 98 deletions(-)
diff --git a/src/exchange/taler-exchange-httpd_kyc-proof.c b/src/exchange/taler-exchange-httpd_kyc-proof.c
@@ -164,6 +164,7 @@ make_html_error (struct MHD_Connection *connection,
{
struct MHD_Response *response = NULL;
json_t *body;
+ enum GNUNET_GenericReturnValue ret;
body = GNUNET_JSON_PACK (
GNUNET_JSON_pack_allow_null (
@@ -171,15 +172,20 @@ make_html_error (struct MHD_Connection *connection,
message)),
TALER_JSON_pack_ec (
ec));
- GNUNET_break (
- GNUNET_SYSERR !=
- TALER_TEMPLATING_build (connection,
- http_status,
- template,
- NULL,
- NULL,
- body,
- &response));
+ ret = TALER_TEMPLATING_build (connection,
+ http_status,
+ template,
+ NULL,
+ NULL,
+ body,
+ &response);
+ GNUNET_break (GNUNET_SYSERR != ret);
+ if (GNUNET_SYSERR != ret)
+ GNUNET_break (MHD_NO !=
+ MHD_add_response_header (response,
+ MHD_HTTP_HEADER_CONTENT_TYPE,
+ "text/html"));
+
json_decref (body);
return response;
}
diff --git a/src/kyclogic/plugin_kyclogic_kycaid.c b/src/kyclogic/plugin_kyclogic_kycaid.c
@@ -694,7 +694,18 @@ proof_reply (void *cls)
body,
&resp);
json_decref (body);
- GNUNET_break (GNUNET_SYSERR != ret);
+ if (GNUNET_SYSERR == ret)
+ {
+ resp = NULL;
+ GNUNET_break (0);
+ }
+ else
+ {
+ GNUNET_break (MHD_NO !=
+ MHD_add_response_header (resp,
+ MHD_HTTP_HEADER_CONTENT_TYPE,
+ "text/html"));
+ }
ph->cb (ph->cb_cls,
TALER_KYCLOGIC_STATUS_PROVIDER_FAILED,
ph->pd->section,
diff --git a/src/kyclogic/plugin_kyclogic_oauth2.c b/src/kyclogic/plugin_kyclogic_oauth2.c
@@ -988,6 +988,49 @@ return_proof_response (void *cls)
/**
+ * Load a @a template and substitute using @a root, returning the result in a
+ * @a reply encoded suitable for the @a connection with the given @a
+ * http_status code. On errors, the @a http_status code
+ * is updated to reflect the type of error encoded in the
+ * @a reply.
+ *
+ * @param connection the connection we act upon
+ * @param[in,out] http_status code to use on success,
+ * set to alternative code on failure
+ * @param template basename of the template to load
+ * @param root JSON object to pass as the root context
+ * @param[out] reply where to write the response object
+ * @return #GNUNET_OK on success (reply queued), #GNUNET_NO if an error was queued,
+ * #GNUNET_SYSERR on failure (to queue an error)
+ */
+static enum GNUNET_GenericReturnValue
+templating_build (struct MHD_Connection *connection,
+ unsigned int *http_status,
+ const char *template,
+ const json_t *root,
+ struct MHD_Response **reply)
+{
+ enum GNUNET_GenericReturnValue ret;
+
+ ret = TALER_TEMPLATING_build (connection,
+ http_status,
+ template,
+ NULL,
+ NULL,
+ root,
+ reply);
+ if (GNUNET_SYSERR != ret)
+ {
+ GNUNET_break (MHD_NO !=
+ MHD_add_response_header (*reply,
+ MHD_HTTP_HEADER_CONTENT_TYPE,
+ "text/html"));
+ }
+ return ret;
+}
+
+
+/**
* The request for @a ph failed. We may have gotten a useful error
* message in @a j. Generate a failure response.
*
@@ -1038,13 +1081,11 @@ handle_proof_error (struct TALER_KYCLOGIC_ProofHandle *ph,
GNUNET_assert (NULL != body);
GNUNET_break (
GNUNET_SYSERR !=
- TALER_TEMPLATING_build (ph->connection,
- &ph->http_status,
- "oauth2-authorization-failure-malformed",
- NULL,
- NULL,
- body,
- &ph->response));
+ templating_build (ph->connection,
+ &ph->http_status,
+ "oauth2-authorization-failure-malformed",
+ body,
+ &ph->response));
json_decref (body);
return;
}
@@ -1052,13 +1093,11 @@ handle_proof_error (struct TALER_KYCLOGIC_ProofHandle *ph,
ph->http_status = MHD_HTTP_FORBIDDEN;
GNUNET_break (
GNUNET_SYSERR !=
- TALER_TEMPLATING_build (ph->connection,
- &ph->http_status,
- "oauth2-authorization-failure",
- NULL,
- NULL,
- j,
- &ph->response));
+ templating_build (ph->connection,
+ &ph->http_status,
+ "oauth2-authorization-failure",
+ j,
+ &ph->response));
}
@@ -1111,13 +1150,11 @@ converted_proof_cb (void *cls,
GNUNET_free (msg);
GNUNET_break (
GNUNET_SYSERR !=
- TALER_TEMPLATING_build (ph->connection,
- &ph->http_status,
- "oauth2-conversion-failure",
- NULL,
- NULL,
- body,
- &ph->response));
+ templating_build (ph->connection,
+ &ph->http_status,
+ "oauth2-conversion-failure",
+ body,
+ &ph->response));
json_decref (body);
ph->task = GNUNET_SCHEDULER_add_now (&return_proof_response,
ph);
@@ -1167,13 +1204,11 @@ converted_proof_cb (void *cls,
TALER_EC_EXCHANGE_KYC_PROOF_BACKEND_INVALID_RESPONSE));
GNUNET_break (
GNUNET_SYSERR !=
- TALER_TEMPLATING_build (ph->connection,
- &ph->http_status,
- "oauth2-conversion-failure",
- NULL,
- NULL,
- body,
- &ph->response));
+ templating_build (ph->connection,
+ &ph->http_status,
+ "oauth2-conversion-failure",
+ body,
+ &ph->response));
json_decref (body);
ph->task = GNUNET_SCHEDULER_add_now (&return_proof_response,
ph);
@@ -1202,13 +1237,11 @@ converted_proof_cb (void *cls,
TALER_EC_EXCHANGE_KYC_PROOF_BACKEND_INVALID_RESPONSE));
GNUNET_break (
GNUNET_SYSERR !=
- TALER_TEMPLATING_build (ph->connection,
- &ph->http_status,
- "oauth2-conversion-failure",
- NULL,
- NULL,
- body,
- &ph->response));
+ templating_build (ph->connection,
+ &ph->http_status,
+ "oauth2-conversion-failure",
+ body,
+ &ph->response));
json_decref (body);
ph->task = GNUNET_SCHEDULER_add_now (&return_proof_response,
ph);
@@ -1282,13 +1315,11 @@ parse_proof_success_reply (struct TALER_KYCLOGIC_ProofHandle *ph,
TALER_EC_EXCHANGE_GENERIC_KYC_CONVERTER_FAILED));
GNUNET_break (
GNUNET_SYSERR !=
- TALER_TEMPLATING_build (ph->connection,
- &ph->http_status,
- "oauth2-conversion-failure",
- NULL,
- NULL,
- body,
- &ph->response));
+ templating_build (ph->connection,
+ &ph->http_status,
+ "oauth2-conversion-failure",
+ body,
+ &ph->response));
json_decref (body);
}
ph->task = GNUNET_SCHEDULER_add_now (&return_proof_response,
@@ -1330,13 +1361,11 @@ handle_curl_proof_finished (void *cls,
TALER_EC_EXCHANGE_KYC_PROOF_BACKEND_INVALID_RESPONSE));
GNUNET_break (
GNUNET_SYSERR !=
- TALER_TEMPLATING_build (ph->connection,
- &ph->http_status,
- "oauth2-provider-failure",
- NULL,
- NULL,
- body,
- &ph->response));
+ templating_build (ph->connection,
+ &ph->http_status,
+ "oauth2-provider-failure",
+ body,
+ &ph->response));
json_decref (body);
}
break;
@@ -1428,13 +1457,11 @@ handle_curl_login_finished (void *cls,
TALER_EC_EXCHANGE_KYC_PROOF_BACKEND_INVALID_RESPONSE));
GNUNET_break (
GNUNET_SYSERR !=
- TALER_TEMPLATING_build (ph->connection,
- &ph->http_status,
- "oauth2-provider-failure",
- NULL,
- NULL,
- body,
- &ph->response));
+ templating_build (ph->connection,
+ &ph->http_status,
+ "oauth2-provider-failure",
+ body,
+ &ph->response));
json_decref (body);
break;
}
@@ -1457,13 +1484,11 @@ handle_curl_login_finished (void *cls,
TALER_EC_EXCHANGE_KYC_PROOF_BACKEND_INVALID_RESPONSE));
GNUNET_break (
GNUNET_SYSERR !=
- TALER_TEMPLATING_build (ph->connection,
- &ph->http_status,
- "oauth2-provider-failure",
- NULL,
- NULL,
- body,
- &ph->response));
+ templating_build (ph->connection,
+ &ph->http_status,
+ "oauth2-provider-failure",
+ body,
+ &ph->response));
json_decref (body);
break;
}
@@ -1494,13 +1519,11 @@ handle_curl_login_finished (void *cls,
TALER_EC_EXCHANGE_KYC_PROOF_BACKEND_INVALID_RESPONSE));
GNUNET_break (
GNUNET_SYSERR !=
- TALER_TEMPLATING_build (ph->connection,
- &ph->http_status,
- "oauth2-provider-failure",
- NULL,
- NULL,
- body,
- &ph->response));
+ templating_build (ph->connection,
+ &ph->http_status,
+ "oauth2-provider-failure",
+ body,
+ &ph->response));
json_decref (body);
break;
}
@@ -1617,13 +1640,11 @@ oauth2_proof (void *cls,
TALER_EC_GENERIC_PARAMETER_MALFORMED));
GNUNET_break (
GNUNET_SYSERR !=
- TALER_TEMPLATING_build (ph->connection,
- &ph->http_status,
- "oauth2-bad-request",
- NULL,
- NULL,
- body,
- &ph->response));
+ templating_build (ph->connection,
+ &ph->http_status,
+ "oauth2-bad-request",
+ body,
+ &ph->response));
json_decref (body);
ph->task = GNUNET_SCHEDULER_add_now (&return_proof_response,
ph);
@@ -1662,13 +1683,11 @@ oauth2_proof (void *cls,
euri)));
GNUNET_break (
GNUNET_SYSERR !=
- TALER_TEMPLATING_build (ph->connection,
- &ph->http_status,
- "oauth2-authentication-failure",
- NULL,
- NULL,
- body,
- &ph->response));
+ templating_build (ph->connection,
+ &ph->http_status,
+ "oauth2-authentication-failure",
+ body,
+ &ph->response));
json_decref (body);
ph->task = GNUNET_SCHEDULER_add_now (&return_proof_response,
ph);
diff --git a/src/kyclogic/plugin_kyclogic_persona.c b/src/kyclogic/plugin_kyclogic_persona.c
@@ -944,6 +944,13 @@ proof_generic_reply (struct TALER_KYCLOGIC_ProofHandle *ph,
GNUNET_break (0);
resp = NULL; /* good luck */
}
+ else
+ {
+ GNUNET_break (MHD_NO !=
+ MHD_add_response_header (resp,
+ MHD_HTTP_HEADER_CONTENT_TYPE,
+ "text/html"));
+ }
ph->cb (ph->cb_cls,
status,
ph->pd->section,
diff --git a/src/templating/templating_api.c b/src/templating/templating_api.c
@@ -330,10 +330,6 @@ TALER_TEMPLATING_build (struct MHD_Connection *connection,
MHD_add_response_header (*reply,
"Taler",
taler_uri));
- GNUNET_break (MHD_NO !=
- MHD_add_response_header (*reply,
- MHD_HTTP_HEADER_CONTENT_TYPE,
- "text/html"));
return GNUNET_OK;
}
@@ -359,6 +355,10 @@ TALER_TEMPLATING_reply (struct MHD_Connection *connection,
&reply);
if (GNUNET_SYSERR == res)
return res;
+ GNUNET_break (MHD_NO !=
+ MHD_add_response_header (reply,
+ MHD_HTTP_HEADER_CONTENT_TYPE,
+ "text/html"));
ret = MHD_queue_response (connection,
http_status,
reply);
