Add simulated error for exceptions in view and error page (#7958)

Progress on #7868

Author: joelverhagen

src/NuGetGallery/App_Start/DefaultDependenciesModule.cs

@@ -11,6 +11,7 @@
 using System.Net.Http;
 using System.Net.Mail;
 using System.Security.Principal;
+using System.Threading;
 using System.Threading.Tasks;
 using System.Web;
 using System.Web.Hosting;
@@ -171,7 +172,7 @@ protected override void Load(ContainerBuilder builder)
                 .InstancePerLifetimeScope();
 
             var galleryDbConnectionFactory = CreateDbConnectionFactory(
-                diagnosticsService,
+                loggerFactory,
                 nameof(EntitiesContext),
                 configuration.Current.SqlConnectionString,
                 secretInjector);
@@ -262,10 +263,10 @@ protected override void Load(ContainerBuilder builder)
                 .As<IEntityRepository<PackageDeprecation>>()
                 .InstancePerLifetimeScope();
 
-            ConfigureGalleryReadOnlyReplicaEntitiesContext(builder, diagnosticsService, configuration, secretInjector);
+            ConfigureGalleryReadOnlyReplicaEntitiesContext(builder, loggerFactory, configuration, secretInjector);
 
             var supportDbConnectionFactory = CreateDbConnectionFactory(
-                diagnosticsService,
+                loggerFactory,
                 nameof(SupportRequestDbContext),
                 configuration.Current.SqlConnectionStringSupportRequest,
                 secretInjector);
@@ -451,7 +452,7 @@ protected override void Load(ContainerBuilder builder)
                     break;
             }
 
-            RegisterAsynchronousValidation(builder, diagnosticsService, configuration, secretInjector);
+            RegisterAsynchronousValidation(builder, loggerFactory, configuration, secretInjector);
 
             RegisterAuditingServices(builder, defaultAuditingService);
 
@@ -829,10 +830,13 @@ private static void RegisterAsynchronousEmailMessagingService(ContainerBuilder b
                 .InstancePerDependency();
         }
 
-        private static ISqlConnectionFactory CreateDbConnectionFactory(IDiagnosticsService diagnostics, string name,
-            string connectionString, ISecretInjector secretInjector)
+        private static ISqlConnectionFactory CreateDbConnectionFactory(
+            ILoggerFactory loggerFactory,
+            string name,
+            string connectionString,
+            ISecretInjector secretInjector)
         {
-            var logger = diagnostics.SafeGetSource($"AzureSqlConnectionFactory-{name}");
+            var logger = loggerFactory.CreateLogger($"AzureSqlConnectionFactory-{name}");
             return new AzureSqlConnectionFactory(connectionString, secretInjector, logger);
         }
 
@@ -841,13 +845,14 @@ private static DbConnection CreateDbConnection(ISqlConnectionFactory connectionF
             return Task.Run(() => connectionFactory.CreateAsync()).Result;
         }
 
-        private static void ConfigureGalleryReadOnlyReplicaEntitiesContext(ContainerBuilder builder,
-            IDiagnosticsService diagnostics,
+        private static void ConfigureGalleryReadOnlyReplicaEntitiesContext(
+            ContainerBuilder builder,
+            ILoggerFactory loggerFactory,
             ConfigurationService configuration,
             ISecretInjector secretInjector)
         {
             var galleryDbReadOnlyReplicaConnectionFactory = CreateDbConnectionFactory(
-                diagnostics,
+                loggerFactory,
                 nameof(ReadOnlyEntitiesContext),
                 configuration.Current.SqlReadOnlyReplicaConnectionString ?? configuration.Current.SqlConnectionString,
                 secretInjector);
@@ -861,11 +866,14 @@ private static void ConfigureGalleryReadOnlyReplicaEntitiesContext(ContainerBuil
                 .InstancePerLifetimeScope();
         }
 
-        private static void ConfigureValidationEntitiesContext(ContainerBuilder builder, IDiagnosticsService diagnostics,
-            ConfigurationService configuration, ISecretInjector secretInjector)
+        private static void ConfigureValidationEntitiesContext(
+            ContainerBuilder builder,
+            ILoggerFactory loggerFactory,
+            ConfigurationService configuration,
+            ISecretInjector secretInjector)
         {
             var validationDbConnectionFactory = CreateDbConnectionFactory(
-                diagnostics,
+                loggerFactory,
                 nameof(ValidationEntitiesContext),
                 configuration.Current.SqlConnectionStringValidation,
                 secretInjector);
@@ -887,8 +895,11 @@ private static void ConfigureValidationEntitiesContext(ContainerBuilder builder,
                 .InstancePerLifetimeScope();
         }
 
-        private void RegisterAsynchronousValidation(ContainerBuilder builder, IDiagnosticsService diagnostics,
-            ConfigurationService configuration, ISecretInjector secretInjector)
+        private void RegisterAsynchronousValidation(
+            ContainerBuilder builder,
+            ILoggerFactory loggerFactory,
+            ConfigurationService configuration,
+            ISecretInjector secretInjector)
         {
             builder
                 .RegisterType<NuGet.Services.Validation.ServiceBusMessageSerializer>()
@@ -914,7 +925,7 @@ private void RegisterAsynchronousValidation(ContainerBuilder builder, IDiagnosti
 
             if (configuration.Current.AsynchronousPackageValidationEnabled)
             {
-                ConfigureValidationEntitiesContext(builder, diagnostics, configuration, secretInjector);
+                ConfigureValidationEntitiesContext(builder, loggerFactory, configuration, secretInjector);
 
                 builder
                     .Register(c =>

src/NuGetGallery/Controllers/PagesController.cs

@@ -159,7 +159,13 @@ public virtual async Task<ActionResult> Privacy()
         [HttpGet]
         public virtual ActionResult SimulateError(SimulatedErrorType type = SimulatedErrorType.Exception)
         {
-            return type.MapToMvcResult();
+            switch (type)
+            {
+                case SimulatedErrorType.ExceptionInView:
+                    return View(type);
+                default:
+                    return type.MapToMvcResult();
+            }
         }
     }
 }

src/NuGetGallery/Extensions/SimulatedErrorTypeExtensions.cs

@@ -59,6 +59,7 @@ public static ActionResult MapToMvcResult(this SimulatedErrorType type)
                     throw type.MapToException();
             }
         }
+
         public static string GetMessage(this SimulatedErrorType type)
         {
             return $"{nameof(SimulatedErrorType)} {type}";
@@ -98,6 +99,9 @@ public static Exception MapToException(this SimulatedErrorType type)
                         ReasonPhrase = message,
                     });
                 case SimulatedErrorType.Exception:
+                case SimulatedErrorType.ExceptionInView:
+                case SimulatedErrorType.ExceptionInInlineErrorPage:
+                case SimulatedErrorType.ExceptionInDedicatedErrorPage:
                     return new Exception(message);
                 case SimulatedErrorType.UserSafeException:
                     return new UserSafeException(message);

src/NuGetGallery/NuGetGallery.csproj

@@ -1854,7 +1854,6 @@
     <Content Include="Areas\Admin\Views\ApiKeys\Index.cshtml" />
     <Content Include="App_Data\Files\Content\OData-Cache-Configuration.json" />
     <Content Include="App_Data\Files\Content\GitHubUsage.v1.json" />
-    <None Include="Properties\PublishProfiles\nuget-staging-frontend.pubxml" />
     <Content Include="Scripts\gallery\async-file-upload.js" />
     <Content Include="Scripts\gallery\autocomplete.js" />
     <Content Include="Scripts\gallery\bootstrap.js" />
@@ -1934,6 +1933,7 @@
     <Content Include="Views\Experiments\SearchSideBySide.cshtml" />
     <Content Include="Views\Api\HealthProbeApi.cshtml" />
     <Content Include="Views\Pages\_Enable2FA.cshtml" />
+    <Content Include="Views\Pages\SimulateError.cshtml" />
   </ItemGroup>
   <ItemGroup>
     <Service Include="{508349B6-6B84-4DF5-91F0-309BEEBAD82D}" />

src/NuGetGallery/RequestModels/SimulatedErrorType.cs

@@ -20,5 +20,8 @@ public enum SimulatedErrorType
         Exception,
         UserSafeException,
         ReadOnlyMode,
+        ExceptionInView,
+        ExceptionInInlineErrorPage,
+        ExceptionInDedicatedErrorPage,
     }
 }

src/NuGetGallery/Views/Errors/InternalError.cshtml

@@ -3,6 +3,19 @@
     Response.StatusCode = 500;
 }
 
+@if (StringComparer.OrdinalIgnoreCase.Equals(Request.Path, "/pages/simulate-error")
+     && StringComparer.OrdinalIgnoreCase.Equals(Request.QueryString["type"], SimulatedErrorType.ExceptionInInlineErrorPage.ToString()))
+{
+    throw SimulatedErrorType.ExceptionInInlineErrorPage.MapToException();
+}
+
+@if (StringComparer.OrdinalIgnoreCase.Equals(Request.Path, "/Errors/500")
+     && Request.Cookies["simulatedErrorType"] != null
+     && StringComparer.OrdinalIgnoreCase.Equals(Request.Cookies["simulatedErrorType"].Value, SimulatedErrorType.ExceptionInDedicatedErrorPage.ToString()))
+{
+    throw SimulatedErrorType.ExceptionInDedicatedErrorPage.MapToException();
+}
+
 @ViewHelpers.ErrorPage(Url, Html, "500", "Internal Server Error", @<text>
 <p>An error occurred while processing your request. We really messed up this time...</p></text>, @<text>
 <p>We have logged the error and will look into it so that it doesn't happen again; however, if you keep seeing this page, please <a href="https://github.com/NuGet/NuGetGallery/issues">file a bug!</a></p></text>)

src/NuGetGallery/Views/Pages/SimulateError.cshtml

@@ -0,0 +1,8 @@
+@model SimulatedErrorType?
+
+<section role="main" class="container main-container">
+    @if (Model == SimulatedErrorType.ExceptionInView)
+    {
+        throw Model.Value.MapToException();
+    }
+</section>

tests/NuGetGallery.FunctionalTests/ErrorHandling/ErrorHandlingTests.cs

@@ -15,15 +15,18 @@ namespace NuGetGallery.FunctionalTests.ErrorHandling
 {
     public class ErrorHandlingTests : GalleryTestBase, IDisposable
     {
+        private readonly CookieContainer _cookieContainer;
         private readonly HttpClientHandler _httpClientHandler;
         private readonly HttpClient _httpClient;
 
         public ErrorHandlingTests(ITestOutputHelper testOutputHelper) : base(testOutputHelper)
         {
+            _cookieContainer = new CookieContainer();
             _httpClientHandler = new HttpClientHandler
             {
                 AllowAutoRedirect = false,
-                UseCookies = false,
+                UseCookies = true,
+                CookieContainer = _cookieContainer,
             };
             _httpClient = new HttpClient(_httpClientHandler);
         }
@@ -34,11 +37,11 @@ public ErrorHandlingTests(ITestOutputHelper testOutputHelper) : base(testOutputH
         [Theory]
         [Priority(2)]
         [Category("P2Tests")]
-        [InlineData("__Controller::TempData", "Message=You successfully uploaded z̡̜͍̈̍̐̃̊͋́a̜̣͍̬̞̝͉̽ͧ͗l̸̖͕̤̠̹̘͖̃̌ͤg͓̝͓̰̀ͪo͈͌ 1.0.0.")]
-        public async Task RejectedCookie(string name, string value)
+        [MemberData(nameof(RejectedCookies))]
+        public async Task RejectedCookie(string relativePath, string name, string value, Action<TestResponse> validate)
         {
             // Arrange
-            var relativePath = $"/packages/{Constants.TestPackageId}";
+            _httpClientHandler.UseCookies = false;
             var requestUri = GetRequestUri(relativePath);
             using (var request = new HttpRequestMessage(HttpMethod.Get, requestUri))
             {
@@ -48,10 +51,23 @@ public async Task RejectedCookie(string name, string value)
                 var response = await GetTestResponseAsync(relativePath, request);
 
                 // Assert
-                Validator.SimpleHtml(HttpStatusCode.BadRequest)(response);
+                validate(response);
             }
         }
 
+        public static IEnumerable<object[]> RejectedCookies => new[]
+        {
+            new object[] { $"/packages/{Constants.TestPackageId}", "__Controller::TempData", "Message=You successfully uploaded z̡̜͍̈̍̐̃̊͋́a̜̣͍̬̞̝͉̽ͧ͗l̸̖͕̤̠̹̘͖̃̌ͤg͓̝͓̰̀ͪo͈͌ 1.0.0.", Validator.SimpleHtml(HttpStatusCode.BadRequest) },
+
+            new object[] { $"/packages/{Constants.TestPackageId}", "__Controller::TempData", "Message=<script>alert(1)</script>", Validator.Redirect("500") },
+
+            new object[] { $"/packages/{Constants.TestPackageId}", "__Controller::TempData", "<script>alert(1)</script>", Validator.Redirect("500") },
+
+            new object[] { "/packages", "nugetab", "<script>alert(1)</script>", Validator.PrettyInternalServerError() },
+
+            new object[] { "/packages", "nugetab", "z̡̜͍̈̍̐̃̊͋́a̜̣͍̬̞̝͉̽ͧ͗l̸̖͕̤̠̹̘͖̃̌ͤg͓̝͓̰̀ͪo͈͌", Validator.SimpleHtml(HttpStatusCode.BadRequest) },
+        };
+
         /// <summary>
         /// Verify the behavior when a URL with restricted characters is used.
         /// </summary>
@@ -93,6 +109,60 @@ public async Task PageThatDoesNotExist(string relativePath)
             Validator.PrettyHtml(HttpStatusCode.NotFound)(response);
         }
 
+        [Fact]
+        [Priority(2)]
+        [Category("P2Tests")]
+        public async Task DefaultErrorPageBehavior()
+        {
+            // Arrange & Act
+            var response = await GetTestResponseAsync("/Errors/500");
+
+            // Assert
+            Validator.PrettyInternalServerError()(response);
+        }
+
+        /// <summary>
+        /// Verify behavior when the pretty HTTP 500 page fails itself.
+        /// </summary>
+        [Fact]
+        [Priority(2)]
+        [Category("P2Tests")]
+        public async Task ErrorInErrorPageWithoutPath()
+        {
+            // Arrange
+            var cookies = new SimulatedErrorRequest(EndpointType.Pages, SimulatedErrorType.ExceptionInDedicatedErrorPage).GetCookies();
+
+            // Act
+            var response = await GetTestResponseAsync("/Errors/500", cookies);
+
+            // Assert
+            Validator.Redirect("500")(response);
+            Assert.Equal("/Errors/500?aspxerrorpath=/Errors/500", response.LocationHeader);
+        }
+
+        /// <summary>
+        /// Verify behavior when the pretty HTTP 500 page fails itself.
+        /// </summary>
+        [Fact]
+        [Priority(2)]
+        [Category("P2Tests")]
+        public async Task ErrorInErrorPageWithPathToSelf()
+        {
+            // Arrange
+            var cookies = new SimulatedErrorRequest(EndpointType.Pages, SimulatedErrorType.ExceptionInDedicatedErrorPage).GetCookies();
+
+            // Act
+            var response = await GetTestResponseAsync("/Errors/500?aspxerrorpath=/Errors/500", cookies);
+
+            // Assert
+            Validator.SimpleHtml(HttpStatusCode.InternalServerError)(response);
+            Assert.Contains(
+                "An exception occurred while processing your request. " +
+                "Additionally, another exception occurred while executing the custom error page for the first exception. " +
+                "The request has been terminated.",
+                response.Content);
+        }
+
         /// <summary>
         /// Simulate cases where application code throws different sorts of exceptions.
         /// </summary>
@@ -106,7 +176,7 @@ public async Task SimulateError(EndpointType endpointType, SimulatedErrorType si
             var request = new SimulatedErrorRequest(endpointType, simulatedErrorType);
 
             // Act
-            var response = await GetTestResponseAsync(request.GetRelativePath());
+            var response = await GetTestResponseAsync(request);
 
             // Assert
             if (!ExpectedSimulatedErrorResponses.TryGetValue(request, out var validator))
@@ -153,7 +223,13 @@ public static IEnumerable<object[]> AllTestData
             { SER(EndpointType.Api, SimulatedErrorType.Result404), Validator.PrettyHtml(HttpStatusCode.NotFound) },
             { SER(EndpointType.Api, SimulatedErrorType.Result503), Validator.SimpleHtml(HttpStatusCode.ServiceUnavailable, SimulatedErrorType.Result503) },
             { SER(EndpointType.Api, SimulatedErrorType.UserSafeException), Validator.SimpleHtml(HttpStatusCode.InternalServerError, SimulatedErrorType.UserSafeException) },
+            { SER(EndpointType.Api, SimulatedErrorType.ExceptionInView), Validator.SimpleHtml(HttpStatusCode.InternalServerError, SimulatedErrorType.ExceptionInView) },
+            { SER(EndpointType.Api, SimulatedErrorType.ExceptionInInlineErrorPage), Validator.SimpleHtml(HttpStatusCode.InternalServerError, SimulatedErrorType.ExceptionInInlineErrorPage) },
+            { SER(EndpointType.Api, SimulatedErrorType.ExceptionInDedicatedErrorPage), Validator.SimpleHtml(HttpStatusCode.InternalServerError, SimulatedErrorType.ExceptionInDedicatedErrorPage) },
             { SER(EndpointType.OData, SimulatedErrorType.Exception), Validator.Xml() },
+            { SER(EndpointType.OData, SimulatedErrorType.ExceptionInView), Validator.Xml() },
+            { SER(EndpointType.OData, SimulatedErrorType.ExceptionInInlineErrorPage), Validator.Xml() },
+            { SER(EndpointType.OData, SimulatedErrorType.ExceptionInDedicatedErrorPage), Validator.Xml() },
             { SER(EndpointType.OData, SimulatedErrorType.HttpException400), Validator.Xml() },
             { SER(EndpointType.OData, SimulatedErrorType.HttpException404), Validator.Xml() },
             { SER(EndpointType.OData, SimulatedErrorType.HttpException500), Validator.Xml() },
@@ -175,6 +251,7 @@ public static IEnumerable<object[]> AllTestData
             { SER(EndpointType.Pages, SimulatedErrorType.Result400), Validator.SimpleHtml(HttpStatusCode.BadRequest, SimulatedErrorType.Result400) },
             { SER(EndpointType.Pages, SimulatedErrorType.Result404), Validator.PrettyHtml(HttpStatusCode.NotFound) },
             { SER(EndpointType.Pages, SimulatedErrorType.Result503), Validator.SimpleHtml(HttpStatusCode.ServiceUnavailable, SimulatedErrorType.Result503) },
+            { SER(EndpointType.Pages, SimulatedErrorType.ExceptionInInlineErrorPage), Validator.Redirect("500") },
         };
 
         /// <summary>
@@ -198,14 +275,31 @@ private async Task<TestResponse> GetTestResponseAsync(string relativePath, HttpR
             }
         }
 
-        private async Task<TestResponse> GetTestResponseAsync(string relativePath)
+        private async Task<TestResponse> GetTestResponseAsync(SimulatedErrorRequest errorRequest)
+        {
+            return await GetTestResponseAsync(
+                errorRequest.GetRelativePath(),
+                errorRequest.GetCookies());
+        }
+
+        private async Task<TestResponse> GetTestResponseAsync(string relativePath, IReadOnlyDictionary<string, string> cookies)
         {
             using (var request = new HttpRequestMessage(HttpMethod.Get, GetRequestUri(relativePath)))
             {
+                foreach (var cookie in cookies)
+                {
+                    _cookieContainer.Add(new Uri(UrlHelper.BaseUrl), new Cookie { Name = cookie.Key, Value = cookie.Value });
+                }
+
                 return await GetTestResponseAsync(relativePath, request);
             }
         }
 
+        private async Task<TestResponse> GetTestResponseAsync(string relativePath)
+        {
+            return await GetTestResponseAsync(relativePath, new Dictionary<string, string>());
+        }
+
         private Uri GetRequestUri(string relativePath)
         {
             return new Uri(new Uri(UrlHelper.BaseUrl), relativePath);