diff --git a/CHANGELOG.md b/CHANGELOG.md
index 14653a33c..488d0e947 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -15,6 +15,7 @@
from the database when the group is deleted.
* Fixed race conditions in the `setText`, `appendText`, and `restoreRevision`
functions (HTTP API).
+* Fixed a crash if the database is busy enough to cause a query timeout.
#### For plugin authors
diff --git a/src/node/hooks/express/padurlsanitize.js b/src/node/hooks/express/padurlsanitize.js
index b805fc4ba..ff1afa477 100644
--- a/src/node/hooks/express/padurlsanitize.js
+++ b/src/node/hooks/express/padurlsanitize.js
@@ -4,24 +4,27 @@ const padManager = require('../../db/PadManager');
exports.expressCreateServer = (hookName, args, cb) => {
// redirects browser to the pad's sanitized url if needed. otherwise, renders the html
- args.app.param('pad', async (req, res, next, padId) => {
- // ensure the padname is valid and the url doesn't end with a /
- if (!padManager.isValidPadId(padId) || /\/$/.test(req.url)) {
- res.status(404).send('Such a padname is forbidden');
- return;
- }
+ args.app.param('pad', (req, res, next, padId) => {
+ (async () => {
+ // ensure the padname is valid and the url doesn't end with a /
+ if (!padManager.isValidPadId(padId) || /\/$/.test(req.url)) {
+ res.status(404).send('Such a padname is forbidden');
+ return;
+ }
- const sanitizedPadId = await padManager.sanitizePadId(padId);
+ const sanitizedPadId = await padManager.sanitizePadId(padId);
- if (sanitizedPadId === padId) {
- // the pad id was fine, so just render it
- next();
- } else {
- // the pad id was sanitized, so we redirect to the sanitized version
- const realURL = encodeURIComponent(sanitizedPadId) + new URL(req.url, 'http://invalid.invalid').search;
- res.header('Location', realURL);
- res.status(302).send(`You should be redirected to ${realURL}`);
- }
+ if (sanitizedPadId === padId) {
+ // the pad id was fine, so just render it
+ next();
+ } else {
+ // the pad id was sanitized, so we redirect to the sanitized version
+ const realURL =
+ encodeURIComponent(sanitizedPadId) + new URL(req.url, 'http://invalid.invalid').search;
+ res.header('Location', realURL);
+ res.status(302).send(`You should be redirected to ${realURL}`);
+ }
+ })().catch((err) => next(err || new Error(err)));
});
return cb();
};