From 32b2bae6ef65745c4e2f3c02dd86efb90b631174 Mon Sep 17 00:00:00 2001
From: Arthur Schiwon <blizzz@arthur-schiwon.de>
Date: Thu, 25 Aug 2016 00:31:42 +0200
Subject: [PATCH] accept pages that return 401-403, show error message on other
 error codes

---
 controller/lib/bookmarks.php           |  9 ++++++++-
 controller/rest/bookmarkcontroller.php | 24 ++++++++++++++----------
 js/bookmarks.js                        |  3 +++
 3 files changed, 25 insertions(+), 11 deletions(-)

diff --git a/controller/lib/bookmarks.php b/controller/lib/bookmarks.php
index e0fe4660..58eeef26 100644
--- a/controller/lib/bookmarks.php
+++ b/controller/lib/bookmarks.php
@@ -26,6 +26,7 @@
 
 namespace OCA\Bookmarks\Controller\Lib;
 
+use GuzzleHttp\Exception\ClientException;
 use \OCP\IDb;
 
 class Bookmarks {
@@ -560,7 +561,7 @@ class Bookmarks {
 	 * @brief Load Url and receive Metadata (Title)
 	 * @param string $url Url to load and analyze
 	 * @return array Metadata for url;
-	 * @throws \Exception
+	 * @throws \Exception|ClientException
 	 */
 	public static function getURLMetadata($url) {
 		
@@ -572,6 +573,12 @@ class Bookmarks {
 			$request = \OC::$server->getHTTPClientService()->newClient()->get($url);
 			$page = $request->getBody();
 			$contentType = $request->getHeader('Content-Type');
+		} catch (ClientException $e) {
+			$errorCode = $e->getCode();
+			if(!($errorCode >= 401 && $errorCode <= 403)) {
+				// whitelist Unauthorized, Forbidden and Paid pages
+				throw $e;
+			}
 		} catch (\Exception $e) {
 			throw $e;
 		}
diff --git a/controller/rest/bookmarkcontroller.php b/controller/rest/bookmarkcontroller.php
index cd6597b6..d0a2ff18 100644
--- a/controller/rest/bookmarkcontroller.php
+++ b/controller/rest/bookmarkcontroller.php
@@ -96,16 +96,20 @@ class BookmarkController extends ApiController {
 		if ($from_own == 0) {
 			// allow only http(s) and (s)ftp
 			$protocols = '/^(https?|s?ftp)\:\/\//i';
-			if (preg_match($protocols, $url)) {
-				$data = Bookmarks::getURLMetadata($url);
-			// if not (allowed) protocol is given, assume http and https (and fetch both)
-			} else { 
-				// append https to url and fetch it
-				$url_https = 'https://' . $url;
-				$data_https = Bookmarks::getURLMetadata($url_https);
-				// append http to url and fetch it
-				$url_http = 'http://' . $url;
-				$data_http = Bookmarks::getURLMetadata($url_http);
+			try {
+				if (preg_match($protocols, $url)) {
+					$data = Bookmarks::getURLMetadata($url);
+					// if not (allowed) protocol is given, assume http and https (and fetch both)
+				} else {
+					// append https to url and fetch it
+					$url_https = 'https://' . $url;
+					$data_https = Bookmarks::getURLMetadata($url_https);
+					// append http to url and fetch it
+					$url_http = 'http://' . $url;
+					$data_http = Bookmarks::getURLMetadata($url_http);
+				}
+			} catch (\Exception $e) {
+				return new JSONResponse(array('status' => 'error'), Http::STATUS_BAD_REQUEST);
 			}
 
 			if ($title === '' && isset($data['title'])) { // prefer original url if working
diff --git a/js/bookmarks.js b/js/bookmarks.js
index 4c2ef22a..0e27a9aa 100644
--- a/js/bookmarks.js
+++ b/js/bookmarks.js
@@ -221,6 +221,9 @@ function addBookmark(event) {
 				checkEmpty();
 				watchUrlField();
 			}
+		},
+		error: function () {
+			OC.Notification.showTemporary(t('bookmarks', 'Could not add bookmark.'));
 		}
 	});
 }