Ghost/ghost
Daniel Lockyer 2659e5aa40 Added handling for parsing errors with user-submitted HTML
fix https://linear.app/tryghost/issue/SLO-87/cannot-read-properties-of-undefined-reading-createimpl-an-unexpected
refs https://github.com/jsdom/jsdom/issues/3709

- in the event we are given some HTML to parse, and that fails, we
  currently return a HTTP 500 because it's unhandled
- the instance we saw was due to `<constructor>` crashing jsdom, we've
  opened an issue for that
- in terms of handling the error gracefully, we can surround the code
  in a try-catch and return a more suitable error. I've gone for a
  ValidationError for now - you could debate whether a different one is
  more appropriate
- also added Sentry error capturing so we're not blind to these,
  ultimately we should make sure the parser can handle all
  user-submitted data
2024-05-07 17:25:48 +02:00
..
adapter-cache-memory-ttl Configured all unit tests to use dot reporter 2023-10-05 12:24:24 +02:00
adapter-cache-redis Added an optional timeout parameter to AdapterCacheRedis (#20131) 2024-05-02 20:39:23 -07:00
adapter-manager Update TryGhost packages 2024-05-01 17:01:41 +02:00
admin Reduced Admin search re-indexes (#20154) 2024-05-07 15:24:20 +01:00
announcement-bar-settings Configured all unit tests to use dot reporter 2023-10-05 12:24:24 +02:00
api-framework Added JSDoc types for API controllers 2024-05-07 10:49:44 +02:00
api-version-compatibility-service Fixed handling requests with mismatching version and missing key 2024-05-02 13:03:26 +02:00
audience-feedback Update TryGhost packages 2024-05-01 17:01:41 +02:00
bookshelf-repository Removed usage of yg when using NQL (#19287) 2024-01-15 14:40:01 +00:00
bootstrap-socket Update TryGhost packages 2024-05-01 17:01:41 +02:00
collections Update TryGhost packages 2024-05-01 17:01:41 +02:00
constants Configured all unit tests to use dot reporter 2023-10-05 12:24:24 +02:00
core Added handling for parsing errors with user-submitted HTML 2024-05-07 17:25:48 +02:00
custom-theme-settings-service Update TryGhost packages 2024-05-01 17:01:41 +02:00
data-generator Update TryGhost packages 2024-05-01 17:01:41 +02:00
domain-events Update TryGhost packages 2024-05-01 17:01:41 +02:00
donations Update dependency typescript to v5.4.5 2024-04-16 09:08:58 +02:00
dynamic-routing-events Configured all unit tests to use dot reporter 2023-10-05 12:24:24 +02:00
email-addresses Update dependency typescript to v5.4.5 2024-04-16 09:08:58 +02:00
email-analytics-provider-mailgun Configured all unit tests to use dot reporter 2023-10-05 12:24:24 +02:00
email-analytics-service Update TryGhost packages 2024-05-01 17:01:41 +02:00
email-content-generator Update dependency fs-extra to v11.2.0 2023-11-28 11:54:44 +01:00
email-events Configured all unit tests to use dot reporter 2023-10-05 12:24:24 +02:00
email-service Update TryGhost packages 2024-05-01 17:01:41 +02:00
email-suppression-list Configured all unit tests to use dot reporter 2023-10-05 12:24:24 +02:00
express-dynamic-redirects Configured all unit tests to use dot reporter 2023-10-05 12:24:24 +02:00
external-media-inliner Add Lexical support to the external-media-inliner (#19149) 2023-11-29 17:56:03 +00:00
extract-api-key Configured all unit tests to use dot reporter 2023-10-05 12:24:24 +02:00
ghost Added ability for Actor to sign requests 2024-05-06 14:21:16 +07:00
html-to-plaintext Configured all unit tests to use dot reporter 2023-10-05 12:24:24 +02:00
i18n 🎨 update i18n for better fit (pt-br) (#20045) 2024-04-29 09:20:07 -04:00
importer-handler-content-files Configured all unit tests to use dot reporter 2023-10-05 12:24:24 +02:00
importer-revue Update TryGhost packages 2024-05-01 17:01:41 +02:00
in-memory-repository Update TryGhost packages 2024-05-01 08:49:04 +02:00
job-manager Update TryGhost packages 2024-05-01 17:01:41 +02:00
link-redirects Update Types packages 2023-11-08 12:13:12 +01:00
link-replacer 🐛 Fixed unexpected conversion of single-quoted attributes in HTML cards (#19727) 2024-03-06 09:11:49 +00:00
link-tracking Update TryGhost packages 2024-05-01 17:01:41 +02:00
magic-link Update dependency @types/nodemailer to v6.4.15 2024-05-06 11:55:52 +02:00
mail-events Update TryGhost packages 2024-05-01 17:01:41 +02:00
mailgun-client Update TryGhost packages 2024-05-01 17:01:41 +02:00
member-attribution Fixed extra arguments being supplied to function calls 2024-05-07 11:44:07 +02:00
member-events Configured all unit tests to use dot reporter 2023-10-05 12:24:24 +02:00
members-api Added function names to more middleware 2024-05-06 17:51:39 +02:00
members-csv 🔒 Added escaping to member export CSV fields 2024-04-03 10:21:02 +02:00
members-events-service Update TryGhost packages 2024-05-01 17:01:41 +02:00
members-importer Fixed misc JSDoc types 2024-05-07 11:44:07 +02:00
members-ssr Update TryGhost packages 2024-05-01 17:01:41 +02:00
mentions-email-report Configured all unit tests to use dot reporter 2023-10-05 12:24:24 +02:00
milestones Update TryGhost packages 2024-05-01 17:01:41 +02:00
minifier Update TryGhost packages 2024-05-01 17:01:41 +02:00
model-to-domain-event-interceptor Configured all unit tests to use dot reporter 2023-10-05 12:24:24 +02:00
mw-api-version-mismatch Fixed extra arguments being supplied to function calls 2024-05-07 11:44:07 +02:00
mw-cache-control Configured all unit tests to use dot reporter 2023-10-05 12:24:24 +02:00
mw-error-handler Fixed handling of invalid Accept-Version header 2024-05-06 12:01:08 +02:00
mw-session-from-token Added function names to more middleware 2024-05-06 17:51:39 +02:00
mw-update-user-last-seen Configured all unit tests to use dot reporter 2023-10-05 12:24:24 +02:00
mw-version-match Update TryGhost packages 2024-05-01 17:01:41 +02:00
mw-vhost Configured all unit tests to use dot reporter 2023-10-05 12:24:24 +02:00
nql-filter-expansions Configured all unit tests to use dot reporter 2023-10-05 12:24:24 +02:00
oembed-service Update TryGhost packages 2024-05-01 17:01:41 +02:00
offers Update TryGhost packages 2024-05-01 17:01:41 +02:00
package-json Update TryGhost packages 2024-05-01 17:01:41 +02:00
payments Update TryGhost packages 2024-05-01 17:01:41 +02:00
post-events Configured all unit tests to use dot reporter 2023-10-05 12:24:24 +02:00
post-revisions Added tests to AdminX framework package (#19022) 2023-11-20 11:00:51 +00:00
posts-service Update TryGhost packages 2024-05-01 17:01:41 +02:00
recommendations Update TryGhost packages 2024-05-01 17:01:41 +02:00
referrers Configured all unit tests to use dot reporter 2023-10-05 12:24:24 +02:00
security Update TryGhost packages 2024-05-01 08:49:04 +02:00
session-service Added function names to more middleware 2024-05-06 17:51:39 +02:00
settings-path-manager Update TryGhost packages 2024-05-01 17:01:41 +02:00
slack-notifications Update TryGhost packages 2024-05-01 17:01:41 +02:00
staff-service Added email address alignment protections (#19094) 2023-11-23 10:25:30 +01:00
stats-service Update Types packages 2024-04-30 22:00:55 +02:00
stripe Update TryGhost packages 2024-05-01 17:01:41 +02:00
tiers Update TryGhost packages 2024-05-01 17:01:41 +02:00
update-check-service Update TryGhost packages 2024-05-01 17:01:41 +02:00
verification-trigger Update TryGhost packages 2024-05-01 17:01:41 +02:00
version-notifications-data-service Fixed handling requests with mismatching version and missing key 2024-05-02 13:03:26 +02:00
webmentions Update TryGhost packages 2024-05-01 17:01:41 +02:00
tsconfig.json Disabled TypeScript incremental building 2023-08-09 18:27:56 +02:00