5xx status in old webhooks

readthedocs/core/views/hooks.py

@@ -90,9 +90,12 @@ def build_branches(project, branch_list):
 
 
 def get_project_from_url(url):
+    if not url:
+        return Project.objects.none()
     projects = (
         Project.objects.filter(repo__iendswith=url) |
-        Project.objects.filter(repo__iendswith=url + '.git'))
+        Project.objects.filter(repo__iendswith=url + '.git')
+    )
     return projects
 
 
@@ -278,13 +281,17 @@ def bitbucket_build(request):
                 branches = [commit.get('branch', '')
                             for commit in data['commits']]
                 repository = data['repository']
+                if not repository['absolute_url']:
+                    return HttpResponse('Invalid request', status=400)
                 search_url = 'bitbucket.org{0}'.format(
                     repository['absolute_url'].rstrip('/')
                 )
             elif version == 2:
                 changes = data['push']['changes']
                 branches = [change['new']['name']
                             for change in changes]
+                if not data['repository']['full_name']:
+                    return HttpResponse('Invalid request', status=400)
                 search_url = 'bitbucket.org/{0}'.format(
                     data['repository']['full_name']
                 )

readthedocs/rtd_tests/tests/test_post_commit_hooks.py

@@ -146,6 +146,18 @@ def test_gitlab_post_commit_knows_default_branches(self):
         rtd.default_branch = old_default
         rtd.save()
 
+    def test_gitlab_request_empty_url(self):
+        """
+        The gitlab hook shouldn't build any project
+        if the url, ssh_url or ref are empty.
+        """
+        self.payload['project']['http_url'] = ''
+        r = self.client.post(
+            '/gitlab/', data=json.dumps(self.payload),
+            content_type='application/json'
+        )
+        self.assertEqual(r.status_code, 404)
+
     def test_gitlab_webhook_is_deprecated(self):
         # Project is created after feature, not included in historical allowance
         url = 'https://github.com/rtfd/readthedocs-build'
@@ -265,6 +277,19 @@ def test_400_on_no_ref(self):
                              content_type='application/json')
         self.assertEqual(r.status_code, 400)
 
+    def test_github_request_empty_url(self):
+        """
+        The github hook shouldn't build any project
+        if the url, ssh_url or ref are empty.
+        """
+        self.payload['repository']['url'] = ''
+        self.payload['repository']['ssh_url'] = ''
+        r = self.client.post(
+            '/github/', data=json.dumps(self.payload),
+            content_type='application/json'
+        )
+        self.assertEqual(r.status_code, 403)
+
     def test_private_repo_mapping(self):
         """
         Test for private GitHub repo mapping.
@@ -534,6 +559,18 @@ def test_bitbucket_default_branch(self):
                              content_type='application/json')
         self.assertContains(r, '(URL Build) Build Started: bitbucket.org/test/project [latest]')
 
+    def test_bitbucket_request_empty_url(self):
+        """
+        The bitbucket hook shouldn't build any project
+        if the url, ssh_url or ref are empty.
+        """
+        self.git_payload['repository']['absolute_url'] = ''
+        r = self.client.post(
+            '/bitbucket/', data=json.dumps(self.git_payload),
+            content_type='application/json'
+        )
+        self.assertEqual(r.status_code, 400)
+
     def test_bitbucket_webhook_is_deprecated(self):
         # Project is created after feature, not included in historical allowance
         url = 'https://bitbucket.org/rtfd/readthedocs-build'