Discourse reopens all tabs... to the wrong topic after discourse crash (server error 500)
-
Continuing the discussion from Large post breaks Discourse:
You can force an internal server error 500 by spamming [[...\]] (and variations thereof)
This may not be limited to just an error 500, but that's my repro.
General string that caused the original crash: (Several thousand pastes of:
[[\[[\\[\...\...]]][..\]][[\[[\\[\...\...]]][..\]][[\[[\\[\...\...]]][..\]][[\[[\\[\...\...]]][..\]][[\[[\\[\...\...]]][..\]][[\[[\\[\...\...]]][..\]][[\[[\\[\...\...]]][..\]][[\[[\\[\...\...]]][..\]][[\[[\\[\...\...]]][..\]][[\[[\\[\...\...]]][..\]][[\[[\\[\...\...]]][..\]][[\[[\\[\...\...]]][[\[[\\[\...\...]]][..\]][[\[[\\[\...\...]]][..\]][[\[[\\[\...\...]]][..\]][[\[[\\[\...\...]]][..\]][[\[[\\[\...\...]]][..\]][[\[[\\[\...\...]]][..\]][[\[[\\[\...\...]]][..\]][[\[[\\[\...\...]]][..\]][[\[[\\[\...\...]]][..\]][[\[[\\[\...\...]]][..\]][[\[[\\[\...\...]]][..\]][[\[[\\[\...\...]]]]]]]]]]]]]]]]]]]]]]]]]]]]]It opened up 5 tabs to the same topic (the first topic I had open) instead of reopening all of my various topics.
-
I wonder if it's using regexes to try to parse the lists that you're trying to make there, in which case, ReDoS is your friend.
-
Now there's something I haven't seen anyone try yet:
Anyone up to trying to create a DoS attack using regex + discourse parser?
-
I'd say you already did. ;)
-
Mine was too fat to get into the post chain, I want something that when somebody goes to quote it, discourse goes down :D
(Say, 25 characters max for bonus points?)
-
"reopening tabs" is a browser function, not a Discourse function. And URLs are all set when the page is rendered, so.. I don't know what this is, but it is not our bug.
-
How about the server dumping an HTTP 500 error? Is that not your bug?
I could imagine weirdness happening when unexpected server states occur.
-
It's fine not to be your bug. It only happens exclusively on your software which is designed to break just about every 'normal' browser behavior, the other 8 tabs loaded correctly.
But it's cool, it's just me. I wasn't reading those tabs anyway.
-
No, it's not fine in my book. "Not my bug" is only fine if you completely rule it out and that has not yet been done.
If the server vomits up a 500 and shit goes crazy, you have two problems: 1, that you created a 500 in the first place and 2. you're not coping with receiving a 500.
-
All I can think of is Discourse likely doing this:
-
Pretty much.
Also.... OOO, Discourse now tells me 58 minutes to wait before I can like something.
@codinghorror @sam Whatever logic you guys have on rate limiting, when telling the user how many hours, please round up, kthx. Telling me it's 3 hours when it's just shy of 4 hours is not clever.
-
That's actually more entertaining than what discourse is doing. My cats do this more than my dog, but I always am pleased to see them twirl about.
-
Anyone up to trying to create a DoS attack using regex + discourse parser?
Unlikely to work, we have timeouts on the JS parts, if markdown baking is taking longer than N we just stop it. Plus there are rate limits.
-
There were definitely a bunch of errors in the logs 3 hours ago, we did an upgrade during that time and got a bunch of, for a few secs after upgrade.
PG::Error: ERROR: cached plan must not change result type : SELECT "posts".* FROM "posts" WHERE ("posts"."deleted_at" IS NULL) AND "posts"."topic_id" = $1 ORDER BY post_number ASC LIMIT
Seems likely to be related.
-