Reduce log noise

2025-08-08 07:28:26 +00:00 · 2024-06-16 14:29:54 +05:30 · 2024-06-16 14:29:54 +05:30 · 9362a4b9d3
commit 9362a4b9d3
parent 6c5ea59506
3 changed files with 18 additions and 20 deletions
--- a/infra/workers/cast-albums/src/index.ts
+++ b/infra/workers/cast-albums/src/index.ts
@ -42,21 +42,22 @@ const isAllowedOrigin = (origin: string | null) => {

 const handleGET = async (request: Request) => {
    const url = new URL(request.url);
-    const castToken =
-        request.headers.get("X-Cast-Access-Token") ??
-        url.searchParams.get("castToken");
+
+    const fileID = url.searchParams.get("fileID");
+    if (!fileID) return new Response(null, { status: 400 });
+
+    let castToken = request.headers.get("X-Cast-Access-Token");
+    if (!castToken) {
+        console.warn("Using deprecated castToken query param");
+        castToken = url.searchParams.get("castToken");
+    }
+
    if (!castToken) {
        console.error("No cast token provided");
        return new Response(null, { status: 400 });
    }

    const pathname = url.pathname;
-    const fileID = url.searchParams.get("fileID");
-    if (!fileID) {
-        console.error("No fileID provided");
-        return new Response(null, { status: 400 });
-    }
-
    const params = new URLSearchParams({ castToken });

    let response = await fetch(
--- a/infra/workers/public-albums/src/index.ts
+++ b/infra/workers/public-albums/src/index.ts
@ -63,6 +63,9 @@ const areAllowedHeaders = (headers: string | null) => {
 const handleGET = async (request: Request) => {
    const url = new URL(request.url);

+    const fileID = url.searchParams.get("fileID");
+    if (!fileID) return new Response(null, { status: 400 });
+
    let accessToken = request.headers.get("X-Auth-Access-Token");
    if (accessToken === undefined) {
        console.warn("Using deprecated accessToken query param");
@ -81,11 +84,6 @@ const handleGET = async (request: Request) => {
    }

    const pathname = url.pathname;
-    const fileID = url.searchParams.get("fileID");
-    if (!fileID) {
-        console.error("No fileID provided");
-        return new Response(null, { status: 400 });
-    }

    const params = new URLSearchParams();
    if (accessToken) params.set("accessToken", accessToken);
--- a/infra/workers/thumbnails/src/index.ts
+++ b/infra/workers/thumbnails/src/index.ts
@ -63,6 +63,11 @@ const areAllowedHeaders = (headers: string | null) => {
 const handleGET = async (request: Request) => {
    const url = new URL(request.url);

+    // Random bots keep trying to pentest causing noise in the logs. If the
+    // request doesn't have a fileID, we can just safely ignore it thereafter.
+    const fileID = url.searchParams.get("fileID");
+    if (!fileID) return new Response(null, { status: 400 });
+
    let token = request.headers.get("X-Auth-Token");
    if (!token) {
        console.warn("Using deprecated token query param");
@ -74,12 +79,6 @@ const handleGET = async (request: Request) => {
        // return new Response(null, { status: 400 });
    }

-    const fileID = url.searchParams.get("fileID");
-    if (!fileID) {
-        console.error("No fileID provided");
-        return new Response(null, { status: 400 });
-    }
-
    // We forward the auth token as a query parameter to museum. This is so that
    // it does not get preserved when museum does a redirect to the presigned S3
    // URL that serves the actual thumbnail.