Skip to content

Fix: stop FileHandler after error responses#5530

Open
jungchanSon wants to merge 6 commits into
litmuschaos:masterfrom
jungchanSon:fix/file-handler-error-returns
Open

Fix: stop FileHandler after error responses#5530
jungchanSon wants to merge 6 commits into
litmuschaos:masterfrom
jungchanSon:fix/file-handler-error-returns

Conversation

@jungchanSon

@jungchanSon jungchanSon commented May 31, 2026

Copy link
Copy Markdown

Proposed changes

FileHandler now returns immediately after token validation, infra lookup, Referer parsing, or manifest generation errors. This prevents /file/:key requests from doing extra work or appending unrelated errors after the response is already committed.

Fixes #5529

Testing

Before this fix, the new regression test fails because FileHandler continues after an invalid token and calls MongoOperator.Get.

After this fix:

cd chaoscenter/graphql/server
go test ./pkg/handlers -run TestFileHandlerInvalidTokenReturnsAfterError -count=1 -v
go test ./pkg/handlers

Result:

=== RUN   TestFileHandlerInvalidTokenReturnsAfterError
--- PASS: TestFileHandlerInvalidTokenReturnsAfterError (0.00s)
PASS
ok  	github.com/litmuschaos/litmus/chaoscenter/graphql/server/pkg/handlers

ok  	github.com/litmuschaos/litmus/chaoscenter/graphql/server/pkg/handlers

Types of changes

  • New feature
  • Bugfix
  • Breaking change
  • Documentation Update

Checklist

  • I have read the CONTRIBUTING doc
  • I have signed the commit for DCO to be passed.
  • Lint and unit tests pass locally with my changes
  • I have added tests that prove my fix is effective or that my feature works
  • I have added necessary documentation

Dependency

None.

@jungchanSon
fix: stop file handler after error responses
bc0e24c 
Signed-off-by: sonjungchan <rnrmfjc@gmail.com>
@jungchanSon
fix: remove header in test
d2cd5bb 
Signed-off-by: sonjungchan <rnrmfjc@gmail.com>
@jungchanSon
fix: return from FileHandler when request-header context is missing
7ed03a1 
Signed-off-by: sonjungchan <rnrmfjc@gmail.com>
@PriteshKiri PriteshKiri requested a review from Copilot June 9, 2026 10:26
Copilot AI reviewed Jun 9, 2026
View reviewed changes

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR fixes FileHandler (/file/:key) so it stops processing immediately after writing an error response, preventing additional work (e.g., DB lookups, Referer parsing, manifest generation) and avoiding multiple unrelated errors being appended after the response is committed.

Changes:

  • Add early return statements after each error response in FileHandler.
  • Replace raw HTTP status codes with net/http status constants.
  • Add a regression test ensuring an invalid token does not trigger downstream DB access or additional error messages.

Reviewed changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated no comments.

File Description
chaoscenter/graphql/server/pkg/handlers/file_handler.go Ensures handler returns immediately after writing any error response; uses http.Status* constants.
chaoscenter/graphql/server/pkg/handlers/handlers_test.go Adds a regression test to confirm invalid token errors short-circuit without DB calls or follow-on errors.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

kunalworldwide
kunalworldwide reviewed Jun 12, 2026
View reviewed changes

@kunalworldwide kunalworldwide left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Good catch — the missing return statements after error responses meant the handler would fall through and try subsequent operations with invalid state (e.g., calling GetInfra after JWT validation failed, or parsing a URL from an empty referrer). This could lead to confusing cascaded errors in logs and potentially writing multiple response bodies.

The fix is straightforward: add return after each error response. The switch from magic numbers (500, 200) to http.StatusInternalServerError / http.StatusOK is a nice cleanup too.

The test verifies the key behavior: an invalid JWT token should produce a 500 response with the JWT error message and NOT proceed to call MongoDB or parse headers. The AssertNotCalled on the mock operator confirms the early return works.

One small observation: the err.Error() written to the response body on JWT validation failure could leak internal details to the client (token parsing error messages). For a production API you'd typically want a generic error message in the response and the detailed error only in logs. Not a regression from this PR though — it was already the pattern before.

LGTM.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

+1 more reviewer

@kunalworldwide kunalworldwide kunalworldwide left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

@jungchanSon jungchanSon

Labels

mentorship-kr

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

bug: FileHandler continues processing after writing error responses

6 participants

@jungchanSon @kunalworldwide @suhyenim @PriteshKiri @ispeakc0de