Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Infinite loop when middleware creates a 404 response #10735

Closed
1 task done
lilnasy opened this issue Apr 10, 2024 · 4 comments
Closed
1 task done

Infinite loop when middleware creates a 404 response #10735

lilnasy opened this issue Apr 10, 2024 · 4 comments
Labels
- P5: urgent Fix build-breaking bugs affecting most users, should be released ASAP (priority) feat: error pages Related to 404 and 500 handling (scope) feat: middleware Related to middleware (scope) regression

Comments

@lilnasy
Copy link
Contributor

lilnasy commented Apr 10, 2024
edited
Loading

Astro Info

Astro                    v4.5.17
Node                     v20.11.1
System                   Windows (x64)
Package Manager          unknown
Output                   static
Adapter                  none
Integrations             none

If this issue only occurs in one browser, which browser is a problem?

No response

Describe the Bug

Quoting #8100 (comment)

...there is no way now to return any 404 in the middleware, it always ends up in an infinite loop, even if I create a static 404 page. I'm now forced to diverge from security best practices and return a 403 instead. This way there is no endless loop.

What's the expected result?

Server does NOT recursively call itself. Context: "Recursive rerouting" section of withastro/roadmap#681.

Link to Minimal Reproducible Example

astro/packages/astro/test/fixtures/custom-404-loop-case-3/src/middleware.js

Line 4 in 2acea4d

return new Response(response.body, { ...response, status: 404 })
(skipped in #10084)

astro/packages/astro/test/custom-404-implicit-rerouting.test.js

Lines 35 to 36 in 2acea4d

it.skip(
'dev server stays responsive',

Participation

  • I am willing to submit a pull request for this issue.
@github-actions github-actions bot added the needs triage Issue needs to be triaged label Apr 10, 2024
@lilnasy lilnasy added - P5: urgent Fix build-breaking bugs affecting most users, should be released ASAP (priority) feat: middleware Related to middleware (scope) feat: error pages Related to 404 and 500 handling (scope) regression and removed needs triage Issue needs to be triaged labels Apr 10, 2024
@lilnasy lilnasy mentioned this issue Apr 10, 2024
Merged
@lilnasy
Copy link
Contributor Author

lilnasy commented Apr 10, 2024

@kyr0 Did you encounter the loop in production with the node adapter or just the dev server?

@lilnasy
Copy link
Contributor Author

lilnasy commented Apr 10, 2024

The tests passed with the test adapter. Confirming that the node adapter is unaffected before closing.

@lilnasy
Copy link
Contributor Author

lilnasy commented Apr 10, 2024

Unaffected.

@lilnasy lilnasy closed this as completed Apr 10, 2024
@lilnasy lilnasy changed the title Infinite loops and runaway billing when middleware creates a 404 response Infinite loop when middleware creates a 404 response Apr 10, 2024
@kyr0
Copy link

kyr0 commented Apr 13, 2024
edited
Loading

@lilnasy This happens in development with the Node adapter and affects a production deployment with the Vercel adapter, but only if the output is set to hybrid. I changed to server and now and everything is nice and shiny again. A side-effect of this on Vercel is a very nasty 405 Method not allowed error that is basically undebuggable as there isn't a request shown in the logs even. Can be reproduced using curl; so it's independent of the client and it's params. Of course I did call an existing HTTP method - well, with an endpoint that would return a 404 of course ;) All this was "fixed" immediately after switching from hybrid to server.

If I had more time, I'd provide a minimal reproduction example. Maybe I can manage to do this in the next week(s). The issue is definitely still affecting code in the wild.

@kyr0 kyr0 mentioned this issue Apr 13, 2024
Closed
1 task
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
- P5: urgent Fix build-breaking bugs affecting most users, should be released ASAP (priority) feat: error pages Related to 404 and 500 handling (scope) feat: middleware Related to middleware (scope) regression
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@kyr0 @lilnasy