demarches-normaliennes/app/controllers/application_controller/error_handling.rb

module ApplicationController::ErrorHandling
  extend ActiveSupport::Concern

  included do
    rescue_from ActionController::InvalidAuthenticityToken do
      # When some browsers (like Safari) re-open a previously closed tab, they attempts
      # to reload the page – even if it is a POST request. But in that case, they don’t
      # sends any of the cookies.
      #
      # In that case, don’t report this error.
      if request.cookies.count > 0
        log_invalid_authenticity_token_error
      end

      raise # propagate the exception up, to render the default exception page
    end
  end

  private

  def log_invalid_authenticity_token_error
    Sentry.with_scope do |temp_scope|
      tags = {
        action: "#{self.class.name}#{action_name}"
      }
      temp_scope.set_tags(tags)
      Sentry.capture_message("ActionController::InvalidAuthenticityToken")
    end
  end
end
-												app: improve InvalidAuthenticityToken logging

- Log on all controllers
- Improve description of the controller action involved
- Ignore Safari bogus requests

											
										
										
											2021-07-06 12:34:23 +02:00
+								module ApplicationController::ErrorHandling
 								  extend ActiveSupport::Concern
 								  included do
 								    rescue_from ActionController::InvalidAuthenticityToken do
-												app: display standard error page when no cookies are present

This occurs mostly when Safari attempts to perform a POST request
again (without sending any of the cookies).

In that case, our custom `422.html` page is more helpful to the user
(because it has a link to the previous page) than a "No cookies" blank
text.
											
										
										
											2021-07-06 16:04:52 +02:00
+								      # When some browsers (like Safari) re-open a previously closed tab, they attempts
 								      # to reload the page – even if it is a POST request. But in that case, they don’t
 								      # sends any of the cookies.
 								      #
 								      # In that case, don’t report this error.
 								      if request.cookies.count > 0
-												app: improve InvalidAuthenticityToken logging

- Log on all controllers
- Improve description of the controller action involved
- Ignore Safari bogus requests

											
										
										
											2021-07-06 12:34:23 +02:00
+								        log_invalid_authenticity_token_error
 								      end
-												app: display standard error page when no cookies are present

This occurs mostly when Safari attempts to perform a POST request
again (without sending any of the cookies).

In that case, our custom `422.html` page is more helpful to the user
(because it has a link to the previous page) than a "No cookies" blank
text.
											
										
										
											2021-07-06 16:04:52 +02:00
 								      raise # propagate the exception up, to render the default exception page
-												app: improve InvalidAuthenticityToken logging

- Log on all controllers
- Improve description of the controller action involved
- Ignore Safari bogus requests

											
										
										
											2021-07-06 12:34:23 +02:00
+								    end
 								  end
-												app: display standard error page when no cookies are present

This occurs mostly when Safari attempts to perform a POST request
again (without sending any of the cookies).

In that case, our custom `422.html` page is more helpful to the user
(because it has a link to the previous page) than a "No cookies" blank
text.
											
										
										
											2021-07-06 16:04:52 +02:00
+								  private
-												app: improve InvalidAuthenticityToken logging

- Log on all controllers
- Improve description of the controller action involved
- Ignore Safari bogus requests

											
										
										
											2021-07-06 12:34:23 +02:00
+								  def log_invalid_authenticity_token_error
 								    Sentry.with_scope do |temp_scope|
 								      tags = {
 								        action: "#{self.class.name}#{action_name}"
 								      }
 								      temp_scope.set_tags(tags)
 								      Sentry.capture_message("ActionController::InvalidAuthenticityToken")
 								    end
 								  end
 								end