Visual html errors for 403 and 429

lovasoa · lovasoa · commit 172e0b2e6b81 · 2025-09-15T10:58:05.000+02:00
Refactor HTTP unauthorized response

Use a builder to set the content type and WWW-Authenticate header on the
unauthorized response.

Also, remove unnecessary downcast and improve the handling of
`sqlx::Error::PoolTimedOut`.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -4,6 +4,7 @@
  - fixed decoding of UUID values
  - Fixed handling of NULL values in `sqlpage.link`. They were encoded as the string `'null'` instead of being omitted from the link's parameters.
  - Enable submenu autoclosing (on click) in the shell. This is not ideal, but this prevents a bug introduced in v0.36.0 where the page would scroll back to the top when clicking anywhere on the page after navigating from a submenu. The next version will fix this properly. See https://github.com/sqlpage/SQLPage/issues/1011
+ - Adopt the new nice visual errors introduced in v0.37.1 for "403 Forbidden" and "429 Too Many Requests" errors.
 
 ## v0.37.0
  - We now cryptographically sign the Windows app during releases, which proves the file hasn’t been tampered with. Once the production certificate is active, Windows will show a "verified publisher" and should stop showing screens saying "This app might harm your device", "Windows protected your PC" or "Are you sure you want to run this application ?". 
diff --git a/src/render.rs b/src/render.rs
@@ -48,6 +48,7 @@ use crate::webserver::ErrorWithStatus;
 use crate::AppState;
 use actix_web::cookie::time::format_description::well_known::Rfc3339;
 use actix_web::cookie::time::OffsetDateTime;
+use actix_web::http::header::ContentType;
 use actix_web::http::{header, StatusCode};
 use actix_web::{HttpResponse, HttpResponseBuilder, ResponseError};
 use anyhow::{bail, format_err, Context as AnyhowContext};
@@ -323,10 +324,15 @@ impl HeaderContext {
                     Redirecting to the login page...",
                 )
         } else {
-            ErrorWithStatus {
-                status: StatusCode::UNAUTHORIZED,
-            }
-            .error_response()
+            let mut resp_builder = actix_web::HttpResponse::build(StatusCode::UNAUTHORIZED);
+            resp_builder.content_type(ContentType::plaintext());
+            resp_builder.insert_header((
+                header::WWW_AUTHENTICATE,
+                header::HeaderValue::from_static(
+                    "Basic realm=\"Authentication required\", charset=\"UTF-8\"",
+                ),
+            ));
+            resp_builder.body("Sorry, but you are not authorized to access this page.")
         };
         self.has_status = true;
         Ok(PageContext::Close(http_response))
diff --git a/src/webserver/error.rs b/src/webserver/error.rs
@@ -56,32 +56,29 @@ fn anyhow_err_to_actix_resp(e: &anyhow::Error, state: &AppState) -> HttpResponse
     let mut resp = HttpResponseBuilder::new(StatusCode::INTERNAL_SERVER_ERROR);
     resp.insert_header((header::CONTENT_TYPE, header::ContentType::plaintext()));
 
-    if let Some(status_err @ &ErrorWithStatus { .. }) = e.downcast_ref() {
-        status_err.error_response()
+    if let Some(&ErrorWithStatus { status }) = e.downcast_ref() {
+        resp.status(status);
     } else if let Some(sqlx::Error::PoolTimedOut) = e.downcast_ref() {
         use rand::Rng;
-        resp.status(StatusCode::TOO_MANY_REQUESTS)
-            .insert_header((
-                header::RETRY_AFTER,
-                header::HeaderValue::from(rand::rng().random_range(1..=15)),
-            ))
-            .body("The database is currently too busy to handle your request. Please try again later.".to_owned())
-    } else {
-        match error_to_html_string(state, e) {
-            Ok(body) => {
-                resp.insert_header((header::CONTENT_TYPE, header::ContentType::html()));
-                resp.body(body)
-            }
-            Err(second_err) => {
-                log::error!("Unable to render error: {e:#}");
-                resp.body(format!(
-                    "A second error occurred while rendering the error page: \n\n\
+        resp.status(StatusCode::TOO_MANY_REQUESTS).insert_header((
+            header::RETRY_AFTER,
+            header::HeaderValue::from(rand::rng().random_range(1..=15)),
+        ));
+    }
+    match error_to_html_string(state, e) {
+        Ok(body) => {
+            resp.insert_header((header::CONTENT_TYPE, header::ContentType::html()));
+            resp.body(body)
+        }
+        Err(second_err) => {
+            log::error!("Unable to render error: {e:#}");
+            resp.body(format!(
+                "A second error occurred while rendering the error page: \n\n\
                 Initial error: \n\
                 {e:#}\n\n\
                 Second error: \n\
                 {second_err:#}"
-                ))
-            }
+            ))
         }
     }
 }
