Issue #2924860 by Kng, AdamPS: “Uncaught exception” page contains HTML but has...

Issue #2924860 by Kng, AdamPS: “Uncaught exception” page contains HTML but has content-type text/plain

Issue #2924860 by Kng, AdamPS: “Uncaught exception” page contains HTML but has...
c7bfe49a · Alex Pott · aea4a9b5 · c7bfe49a · c7bfe49a
Unverified Commit c7bfe49a authored 6 years ago by Alex Pott
--- a/core/lib/Drupal/Core/EventSubscriber/FinalExceptionSubscriber.php
+++ b/core/lib/Drupal/Core/EventSubscriber/FinalExceptionSubscriber.php
@@ -123,9 +123,10 @@ public function onException(GetResponseForExceptionEvent $event) {
      }
    }

+    $content_type = $event->getRequest()->getRequestFormat() == 'html' ? 'text/html' : 'text/plain';
    $content = $this->t('The website encountered an unexpected error. Please try again later.');
    $content .= $message ? '</br></br>' . $message : '';
-    $response = new Response($content, 500, ['Content-Type' => 'text/plain']);
+    $response = new Response($content, 500, ['Content-Type' => $content_type]);

    if ($exception instanceof HttpExceptionInterface) {
      $response->setStatusCode($exception->getStatusCode());

--- a/core/tests/Drupal/KernelTests/Core/Routing/ExceptionHandlingTest.php
+++ b/core/tests/Drupal/KernelTests/Core/Routing/ExceptionHandlingTest.php
@@ -157,7 +157,7 @@ public function testBacktraceEscaping() {
    $kernel = \Drupal::getContainer()->get('http_kernel');
    $response = $kernel->handle($request)->prepare($request);
    $this->assertEqual($response->getStatusCode(), Response::HTTP_INTERNAL_SERVER_ERROR);
-    $this->assertEqual($response->headers->get('Content-type'), 'text/plain; charset=UTF-8');
+    $this->assertEqual($response->headers->get('Content-type'), 'text/html; charset=UTF-8');

    // Test both that the backtrace is properly escaped, and that the unescaped
    // string is not output at all.
@@ -180,7 +180,7 @@ public function testExceptionEscaping() {
    $kernel = \Drupal::getContainer()->get('http_kernel');
    $response = $kernel->handle($request)->prepare($request);
    $this->assertEqual($response->getStatusCode(), Response::HTTP_INTERNAL_SERVER_ERROR);
-    $this->assertEqual($response->headers->get('Content-type'), 'text/plain; charset=UTF-8');
+    $this->assertEqual($response->headers->get('Content-type'), 'text/html; charset=UTF-8');

    // Test message is properly escaped, and that the unescaped string is not
    // output at all.