From 96de9e3a34e174e8abb3dd0bfd63fcafb15d0e98 Mon Sep 17 00:00:00 2001
From: dari-us <dasnetz@gmx.net>
Date: Thu, 29 Aug 2024 14:58:28 +0200
Subject: [PATCH] Add public/400.html file rendered on bad request

---
 actionmailbox/test/dummy/public/400.html      | 67 +++++++++++++++++++
 actionpack/CHANGELOG.md                       |  2 +-
 actiontext/test/dummy/public/400.html         | 67 +++++++++++++++++++
 activestorage/test/dummy/public/400.html      | 67 +++++++++++++++++++
 .../generators/rails/app/app_generator.rb     |  1 +
 .../rails/app/templates/public/400.html       | 67 +++++++++++++++++++
 .../test/generators/api_app_generator_test.rb |  1 +
 .../test/generators/app_generator_test.rb     |  1 +
 .../test/generators/plugin_generator_test.rb  |  1 +
 9 files changed, 273 insertions(+), 1 deletion(-)
 create mode 100644 actionmailbox/test/dummy/public/400.html
 create mode 100644 actiontext/test/dummy/public/400.html
 create mode 100644 activestorage/test/dummy/public/400.html
 create mode 100644 railties/lib/rails/generators/rails/app/templates/public/400.html

diff --git a/actionmailbox/test/dummy/public/400.html b/actionmailbox/test/dummy/public/400.html
new file mode 100644
index 0000000000000..1a9df4d52bb19
--- /dev/null
+++ b/actionmailbox/test/dummy/public/400.html
@@ -0,0 +1,67 @@
+<!DOCTYPE html>
+<html>
+<head>
+  <title>The server cannot process the request due to a client error (400)</title>
+  <meta name="viewport" content="width=device-width,initial-scale=1">
+  <style>
+  .rails-default-error-page {
+    background-color: #EFEFEF;
+    color: #2E2F30;
+    text-align: center;
+    font-family: arial, sans-serif;
+    margin: 0;
+  }
+
+  .rails-default-error-page div.dialog {
+    width: 95%;
+    max-width: 33em;
+    margin: 4em auto 0;
+  }
+
+  .rails-default-error-page div.dialog > div {
+    border: 1px solid #CCC;
+    border-right-color: #999;
+    border-left-color: #999;
+    border-bottom-color: #BBB;
+    border-top: #B00100 solid 4px;
+    border-top-left-radius: 9px;
+    border-top-right-radius: 9px;
+    background-color: white;
+    padding: 7px 12% 0;
+    box-shadow: 0 3px 8px rgba(50, 50, 50, 0.17);
+  }
+
+  .rails-default-error-page h1 {
+    font-size: 100%;
+    color: #730E15;
+    line-height: 1.5em;
+  }
+
+  .rails-default-error-page div.dialog > p {
+    margin: 0 0 1em;
+    padding: 1em;
+    background-color: #F7F7F7;
+    border: 1px solid #CCC;
+    border-right-color: #999;
+    border-left-color: #999;
+    border-bottom-color: #999;
+    border-bottom-left-radius: 4px;
+    border-bottom-right-radius: 4px;
+    border-top-color: #DADADA;
+    color: #666;
+    box-shadow: 0 3px 8px rgba(50, 50, 50, 0.17);
+  }
+  </style>
+</head>
+
+<body class="rails-default-error-page">
+  <!-- This file lives in public/400.html -->
+  <div class="dialog">
+    <div>
+      <h1>The server cannot process the request due to a client error.</h1>
+      <p>Please check the request and try again.</p>
+    </div>
+    <p>If you are the application owner check the logs for more information.</p>
+  </div>
+</body>
+</html>
diff --git a/actionpack/CHANGELOG.md b/actionpack/CHANGELOG.md
index b107177e51999..eacb2c4ce1774 100644
--- a/actionpack/CHANGELOG.md
+++ b/actionpack/CHANGELOG.md
@@ -29,7 +29,7 @@
     We suggest replacing `params.require(:person).permit(:name, :age)`
     with the direct replacement `params.expect(person: [:name, :age])`
     to prevent external users from manipulating params to trigger 500
-    errors. A propery 400 error will be returned instead.
+    errors. A 400 error will be returned instead, using public/400.html
 
     Usage of `params.require(:id)` should likewise be replaced with
     `params.expect(:id)` which is designed to ensure that `params[:id]`
diff --git a/actiontext/test/dummy/public/400.html b/actiontext/test/dummy/public/400.html
new file mode 100644
index 0000000000000..1a9df4d52bb19
--- /dev/null
+++ b/actiontext/test/dummy/public/400.html
@@ -0,0 +1,67 @@
+<!DOCTYPE html>
+<html>
+<head>
+  <title>The server cannot process the request due to a client error (400)</title>
+  <meta name="viewport" content="width=device-width,initial-scale=1">
+  <style>
+  .rails-default-error-page {
+    background-color: #EFEFEF;
+    color: #2E2F30;
+    text-align: center;
+    font-family: arial, sans-serif;
+    margin: 0;
+  }
+
+  .rails-default-error-page div.dialog {
+    width: 95%;
+    max-width: 33em;
+    margin: 4em auto 0;
+  }
+
+  .rails-default-error-page div.dialog > div {
+    border: 1px solid #CCC;
+    border-right-color: #999;
+    border-left-color: #999;
+    border-bottom-color: #BBB;
+    border-top: #B00100 solid 4px;
+    border-top-left-radius: 9px;
+    border-top-right-radius: 9px;
+    background-color: white;
+    padding: 7px 12% 0;
+    box-shadow: 0 3px 8px rgba(50, 50, 50, 0.17);
+  }
+
+  .rails-default-error-page h1 {
+    font-size: 100%;
+    color: #730E15;
+    line-height: 1.5em;
+  }
+
+  .rails-default-error-page div.dialog > p {
+    margin: 0 0 1em;
+    padding: 1em;
+    background-color: #F7F7F7;
+    border: 1px solid #CCC;
+    border-right-color: #999;
+    border-left-color: #999;
+    border-bottom-color: #999;
+    border-bottom-left-radius: 4px;
+    border-bottom-right-radius: 4px;
+    border-top-color: #DADADA;
+    color: #666;
+    box-shadow: 0 3px 8px rgba(50, 50, 50, 0.17);
+  }
+  </style>
+</head>
+
+<body class="rails-default-error-page">
+  <!-- This file lives in public/400.html -->
+  <div class="dialog">
+    <div>
+      <h1>The server cannot process the request due to a client error.</h1>
+      <p>Please check the request and try again.</p>
+    </div>
+    <p>If you are the application owner check the logs for more information.</p>
+  </div>
+</body>
+</html>
diff --git a/activestorage/test/dummy/public/400.html b/activestorage/test/dummy/public/400.html
new file mode 100644
index 0000000000000..1a9df4d52bb19
--- /dev/null
+++ b/activestorage/test/dummy/public/400.html
@@ -0,0 +1,67 @@
+<!DOCTYPE html>
+<html>
+<head>
+  <title>The server cannot process the request due to a client error (400)</title>
+  <meta name="viewport" content="width=device-width,initial-scale=1">
+  <style>
+  .rails-default-error-page {
+    background-color: #EFEFEF;
+    color: #2E2F30;
+    text-align: center;
+    font-family: arial, sans-serif;
+    margin: 0;
+  }
+
+  .rails-default-error-page div.dialog {
+    width: 95%;
+    max-width: 33em;
+    margin: 4em auto 0;
+  }
+
+  .rails-default-error-page div.dialog > div {
+    border: 1px solid #CCC;
+    border-right-color: #999;
+    border-left-color: #999;
+    border-bottom-color: #BBB;
+    border-top: #B00100 solid 4px;
+    border-top-left-radius: 9px;
+    border-top-right-radius: 9px;
+    background-color: white;
+    padding: 7px 12% 0;
+    box-shadow: 0 3px 8px rgba(50, 50, 50, 0.17);
+  }
+
+  .rails-default-error-page h1 {
+    font-size: 100%;
+    color: #730E15;
+    line-height: 1.5em;
+  }
+
+  .rails-default-error-page div.dialog > p {
+    margin: 0 0 1em;
+    padding: 1em;
+    background-color: #F7F7F7;
+    border: 1px solid #CCC;
+    border-right-color: #999;
+    border-left-color: #999;
+    border-bottom-color: #999;
+    border-bottom-left-radius: 4px;
+    border-bottom-right-radius: 4px;
+    border-top-color: #DADADA;
+    color: #666;
+    box-shadow: 0 3px 8px rgba(50, 50, 50, 0.17);
+  }
+  </style>
+</head>
+
+<body class="rails-default-error-page">
+  <!-- This file lives in public/400.html -->
+  <div class="dialog">
+    <div>
+      <h1>The server cannot process the request due to a client error.</h1>
+      <p>Please check the request and try again.</p>
+    </div>
+    <p>If you are the application owner check the logs for more information.</p>
+  </div>
+</body>
+</html>
diff --git a/railties/lib/rails/generators/rails/app/app_generator.rb b/railties/lib/rails/generators/rails/app/app_generator.rb
index 39deff5dbee74..d5c37043043d0 100644
--- a/railties/lib/rails/generators/rails/app/app_generator.rb
+++ b/railties/lib/rails/generators/rails/app/app_generator.rb
@@ -496,6 +496,7 @@ def delete_app_views_if_api_option
 
       def delete_public_files_if_api_option
         if options[:api]
+          remove_file "public/400.html"
           remove_file "public/404.html"
           remove_file "public/406-unsupported-browser.html"
           remove_file "public/422.html"
diff --git a/railties/lib/rails/generators/rails/app/templates/public/400.html b/railties/lib/rails/generators/rails/app/templates/public/400.html
new file mode 100644
index 0000000000000..1a9df4d52bb19
--- /dev/null
+++ b/railties/lib/rails/generators/rails/app/templates/public/400.html
@@ -0,0 +1,67 @@
+<!DOCTYPE html>
+<html>
+<head>
+  <title>The server cannot process the request due to a client error (400)</title>
+  <meta name="viewport" content="width=device-width,initial-scale=1">
+  <style>
+  .rails-default-error-page {
+    background-color: #EFEFEF;
+    color: #2E2F30;
+    text-align: center;
+    font-family: arial, sans-serif;
+    margin: 0;
+  }
+
+  .rails-default-error-page div.dialog {
+    width: 95%;
+    max-width: 33em;
+    margin: 4em auto 0;
+  }
+
+  .rails-default-error-page div.dialog > div {
+    border: 1px solid #CCC;
+    border-right-color: #999;
+    border-left-color: #999;
+    border-bottom-color: #BBB;
+    border-top: #B00100 solid 4px;
+    border-top-left-radius: 9px;
+    border-top-right-radius: 9px;
+    background-color: white;
+    padding: 7px 12% 0;
+    box-shadow: 0 3px 8px rgba(50, 50, 50, 0.17);
+  }
+
+  .rails-default-error-page h1 {
+    font-size: 100%;
+    color: #730E15;
+    line-height: 1.5em;
+  }
+
+  .rails-default-error-page div.dialog > p {
+    margin: 0 0 1em;
+    padding: 1em;
+    background-color: #F7F7F7;
+    border: 1px solid #CCC;
+    border-right-color: #999;
+    border-left-color: #999;
+    border-bottom-color: #999;
+    border-bottom-left-radius: 4px;
+    border-bottom-right-radius: 4px;
+    border-top-color: #DADADA;
+    color: #666;
+    box-shadow: 0 3px 8px rgba(50, 50, 50, 0.17);
+  }
+  </style>
+</head>
+
+<body class="rails-default-error-page">
+  <!-- This file lives in public/400.html -->
+  <div class="dialog">
+    <div>
+      <h1>The server cannot process the request due to a client error.</h1>
+      <p>Please check the request and try again.</p>
+    </div>
+    <p>If you are the application owner check the logs for more information.</p>
+  </div>
+</body>
+</html>
diff --git a/railties/test/generators/api_app_generator_test.rb b/railties/test/generators/api_app_generator_test.rb
index 350cfc0bf7568..0a0c3a100bba3 100644
--- a/railties/test/generators/api_app_generator_test.rb
+++ b/railties/test/generators/api_app_generator_test.rb
@@ -193,6 +193,7 @@ def skipped_files
          config/initializers/assets.rb
          config/initializers/content_security_policy.rb
          test/helpers
+         public/400.html
          public/404.html
          public/422.html
          public/406-unsupported-browser.html
diff --git a/railties/test/generators/app_generator_test.rb b/railties/test/generators/app_generator_test.rb
index 754b938f367e6..2c722c0bd45e0 100644
--- a/railties/test/generators/app_generator_test.rb
+++ b/railties/test/generators/app_generator_test.rb
@@ -61,6 +61,7 @@
   db/seeds.rb
   lib/tasks/.keep
   log/.keep
+  public/400.html
   public/404.html
   public/406-unsupported-browser.html
   public/422.html
diff --git a/railties/test/generators/plugin_generator_test.rb b/railties/test/generators/plugin_generator_test.rb
index f1ec86a39335f..5d58a26a37654 100644
--- a/railties/test/generators/plugin_generator_test.rb
+++ b/railties/test/generators/plugin_generator_test.rb
@@ -60,6 +60,7 @@
   test/dummy/config/routes.rb
   test/dummy/config/storage.yml
   test/dummy/log/.keep
+  test/dummy/public/400.html
   test/dummy/public/404.html
   test/dummy/public/406-unsupported-browser.html
   test/dummy/public/422.html