From 344ed24c21a147ebfa7d381e2e878374a7db8a4a Mon Sep 17 00:00:00 2001
From: Kenneth Lee <kenfodder@gmail.com>
Date: Mon, 16 Dec 2024 14:31:59 +0000
Subject: [PATCH] CAPT-1953 - Initial attempt to silence repeated unwanted
 requests

---
 app/controllers/application_controller.rb |  4 +++
 config/routes.rb                          | 15 ++++++++
 spec/routes/routes_spec.rb                | 42 +++++++++++++++++++++++
 3 files changed, 61 insertions(+)

diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 371be87547..2f1e90e448 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -3,6 +3,10 @@ class ApplicationController < ActionController::Base
 
   helper_method :timeout_warning_in_minutes
 
+  def handle_unwanted_requests
+    render file: Rails.root.join("public", "404.html"), status: :not_found, layout: false
+  end
+
   private
 
   def timeout_warning_in_minutes
diff --git a/config/routes.rb b/config/routes.rb
index 3d62b88694..1329da7e34 100644
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -165,4 +165,19 @@ def matches?(request)
       end
     end
   end
+
+  # We still want to know about 404s in case of missing a route, but silence a whitelist instead to reduce the noise in Rollbar
+  # This is not exhastive, so add more if there are obvious requests to ignore
+
+  # 404 - extensions we don't expect
+  match "*path", to: "application#handle_unwanted_requests", via: :all, constraints: lambda { |req| req.path =~ %r{\.(axd|asp|aspx|htm|html|php|php7|pl|txt|xml)$}i }
+
+  # 404 - git folders
+  match "*path", to: "application#handle_unwanted_requests", via: :all, constraints: lambda { |req| req.path =~ %r{^/\.git/config$}i }
+
+  # 404 - hard-coded apple icons - gov uk seems to 404 these as well
+  match "*path", to: "application#handle_unwanted_requests", via: :all, constraints: lambda { |req| req.path =~ %r{^/apple-touch-icon(-120x120)?(-precomposed)?\.png$}i }
+
+  # 404 - wordpress pages
+  match "*path", to: "application#handle_unwanted_requests", via: :all, constraints: lambda { |req| req.path =~ %r{^/(wordpress|wp|wp-admin|wp-content)}i }
 end
diff --git a/spec/routes/routes_spec.rb b/spec/routes/routes_spec.rb
index f93c58885e..d37e9b07f8 100644
--- a/spec/routes/routes_spec.rb
+++ b/spec/routes/routes_spec.rb
@@ -47,4 +47,46 @@
       expect(get: "admin/claims/#{claim.id}/tasks/foo").not_to be_routable
     end
   end
+
+  describe "Silence unwanted request from causing a Rollbar error and render a 404" do
+    context "unwanted extensions" do
+      it "returns a 404" do
+        %w[axd asp aspx htm html php php7 pl txt xml].each do |extension|
+          expect(get: "foo.#{extension}").to route_to(controller: "application", action: "handle_unwanted_requests", path: "foo", format: extension)
+        end
+      end
+    end
+
+    context "git" do
+      it "returns a 404" do
+        expect(get: ".git/config").to route_to(controller: "application", action: "handle_unwanted_requests", path: ".git/config")
+      end
+    end
+
+    context "apple icons" do
+      it "returns a 404" do
+        %w[
+          apple-touch-icon
+          apple-touch-icon-120x120-precomposed
+          apple-touch-icon-120x120
+          apple-touch-icon-precomposed
+        ].each do |path|
+          expect(get: "#{path}.png").to route_to(controller: "application", action: "handle_unwanted_requests", path: path, format: "png")
+        end
+      end
+    end
+
+    context "wordpress" do
+      it "returns a 404" do
+        %w[
+          wordpress
+          wp
+          wp-admin
+          wp-content
+        ].each do |path|
+          expect(get: path).to route_to(controller: "application", action: "handle_unwanted_requests", path: path)
+        end
+      end
+    end
+  end
 end