file access restrictions: improve error messages

Author: lovasoa

src/filesystem.rs

@@ -144,14 +144,18 @@ impl FileSystem {
             for (i, component) in path.components().enumerate() {
                 if let Component::Normal(c) = component {
                     if i == 0 && c.eq_ignore_ascii_case("sqlpage") {
-                        anyhow::bail!(ErrorWithStatus {
+                        return Err(ErrorWithStatus {
                             status: actix_web::http::StatusCode::FORBIDDEN,
+                        })
+                        .with_context(|| {
+                            "The /sqlpage/ path prefix is reserved for internal use. It is not public."
                         });
                     }
                     if c.as_encoded_bytes().starts_with(b".") {
-                        anyhow::bail!(ErrorWithStatus {
+                        return Err(ErrorWithStatus {
                             status: actix_web::http::StatusCode::FORBIDDEN,
-                        });
+                        })
+                        .with_context(|| "Directory traversal is not allowed");
                     }
                 } else {
                     anyhow::bail!(

src/webserver/http.rs

@@ -338,7 +338,7 @@ pub async fn main_handler(
         Ok(action) => action,
         Err(e) => {
             let e = e.context(format!(
-                "The server cannot provide what you were asking for. \n\
+                "The server was unable to fulfill your request. \n\
                 The following page is not accessible: {path_and_query:?}"
             ));
             return Err(anyhow_err_to_actix(e, app_state));