Prevent sending multiple or mixed responses on a single request

sanic/app.py

@@ -66,6 +66,7 @@
     URLBuildError,
 )
 from sanic.handlers import ErrorHandler
+from sanic.http import Stage
 from sanic.log import LOGGING_CONFIG_DEFAULTS, Colors, error_logger, logger
 from sanic.mixins.listeners import ListenerEvent
 from sanic.models.futures import (
@@ -733,6 +734,47 @@ async def handle_exception(
             context={"request": request, "exception": exception},
         )
 
+        if (
+            request.stream is not None
+            and request.stream.stage is not Stage.HANDLER
+        ):
+            error_logger.exception(exception, exc_info=True)
+            logger.error(
+                "The error response will not be sent to the client for "
+                f'the following exception:"{exception}". A previous response '
+                "has at least partially been sent."
+            )
+
+            # ----------------- deprecated -----------------
+            if self.error_handler._lookup(
+                exception, request.name if request else None
+            ):
+                logger.warning(
+                    "An error occurs during the response process, "
+                    "Sanic no longer execute that exception handler "
+                    "beginning in v22.6 because the error page generated "
+                    "by the exception handler won't be sent to the client "
+                    "because another response was at least partially sent "
+                    "The exception handler should only be used to generate "
+                    "the error page, and if you would like to perform any "
+                    "other action for an exception raised, please consider "
+                    "using a signal handler, like "
+                    '`@app.signal("http.lifecycle.exception")`\n'
+                    "Sanic signals detailed docs: "
+                    "https://sanicframework.org/en/guide/advanced/"
+                    "signals.html"
+                )
+                try:
+                    response = self.error_handler.response(request, exception)
+                    if isawaitable(response):
+                        response = await response
+                except BaseException as e:
+                    logger.error("An error occurs in the exception handler.")
+                    error_logger.exception(e)
+            # ----------------------------------------------
+
+            return
+
         # -------------------------------------------- #
         # Request Middleware
         # -------------------------------------------- #
@@ -762,6 +804,7 @@ async def handle_exception(
                     )
         if response is not None:
             try:
+                request.reset_response()
                 response = await request.respond(response)
             except BaseException:
                 # Skip response middleware
@@ -871,10 +914,18 @@ async def handle_request(self, request: Request):  # no cov
                 if isawaitable(response):
                     response = await response
 
-            if response is not None:
+            if response is not None and not request.responded:
                 response = await request.respond(response)
-            elif not hasattr(handler, "is_websocket"):
-                response = request.stream.response  # type: ignore
+            elif not hasattr(handler, "is_websocket") or request.responded:
+                if request.stream is not None:
+                    response = request.stream.response
+                if request.responded:
+                    error_logger.error(
+                        "The response object returned by the route handler "
+                        "won't be sent to client because a previous response "
+                        "or itself was created and may have been sent the "
+                        "client. "
+                    )
 
             # Make sure that response is finished / run StreamingHTTP callback
             if isinstance(response, BaseHTTPResponse):

sanic/asgi.py

@@ -7,8 +7,10 @@
 
 from sanic.compat import Header
 from sanic.exceptions import ServerError
+from sanic.http import Stage
 from sanic.models.asgi import ASGIReceive, ASGIScope, ASGISend, MockTransport
 from sanic.request import Request
+from sanic.response import BaseHTTPResponse
 from sanic.server import ConnInfo
 from sanic.server.websockets.connection import WebSocketConnection
 
@@ -83,6 +85,8 @@ class ASGIApp:
     transport: MockTransport
     lifespan: Lifespan
     ws: Optional[WebSocketConnection]
+    stage: Stage
+    response: Optional[BaseHTTPResponse]
 
     def __init__(self) -> None:
         self.ws = None
@@ -95,6 +99,8 @@ async def create(
         instance.sanic_app = sanic_app
         instance.transport = MockTransport(scope, receive, send)
         instance.transport.loop = sanic_app.loop
+        instance.stage = Stage.IDLE
+        instance.response = None
         setattr(instance.transport, "add_task", sanic_app.loop.create_task)
 
         headers = Header(
@@ -149,6 +155,8 @@ async def read(self) -> Optional[bytes]:
         """
         Read and stream the body in chunks from an incoming ASGI message.
         """
+        if self.stage is Stage.IDLE:
+            self.stage = Stage.REQUEST
         message = await self.transport.receive()
         body = message.get("body", b"")
         if not message.get("more_body", False):
@@ -163,11 +171,17 @@ async def __aiter__(self):
             if data:
                 yield data
 
-    def respond(self, response):
+    def respond(self, response: BaseHTTPResponse):
+        if self.stage is not Stage.HANDLER:
+            self.stage = Stage.FAILED
+            raise RuntimeError("Response already started")
+        if self.response is not None:
+            self.response.stream = None
         response.stream, self.response = self, response
         return response
 
     async def send(self, data, end_stream):
+        self.stage = Stage.IDLE if end_stream else Stage.RESPONSE
         if self.response:
             response, self.response = self.response, None
             await self.transport.send(
@@ -195,6 +209,7 @@ async def __call__(self) -> None:
         Handle the incoming request.
         """
         try:
+            self.stage = Stage.HANDLER
             await self.sanic_app.handle_request(self.request)
         except Exception as e:
             await self.sanic_app.handle_exception(self.request, e)

sanic/http.py

@@ -584,6 +584,11 @@ def respond(self, response: BaseHTTPResponse) -> BaseHTTPResponse:
             self.stage = Stage.FAILED
             raise RuntimeError("Response already started")
 
+        # Disconnect any earlier but unused response object
+        if self.response is not None:
+            self.response.stream = None
+
+        # Connect and return the response
         self.response, response.stream = response, self
         return response
 

sanic/request.py

@@ -18,7 +18,6 @@
 if TYPE_CHECKING:
     from sanic.server import ConnInfo
     from sanic.app import Sanic
-    from sanic.http import Http
 
 import email.utils
 import uuid
@@ -32,7 +31,7 @@
 
 from sanic.compat import CancelledErrors, Header
 from sanic.constants import DEFAULT_HTTP_CONTENT_TYPE
-from sanic.exceptions import InvalidUsage
+from sanic.exceptions import InvalidUsage, ServerError
 from sanic.headers import (
     AcceptContainer,
     Options,
@@ -42,6 +41,7 @@
     parse_host,
     parse_xforwarded,
 )
+from sanic.http import Http, Stage
 from sanic.log import error_logger, logger
 from sanic.models.protocol_types import TransportProtocol
 from sanic.response import BaseHTTPResponse, HTTPResponse
@@ -104,6 +104,7 @@ class Request:
         "parsed_json",
         "parsed_forwarded",
         "raw_url",
+        "responded",
         "request_middleware_started",
         "route",
         "stream",
@@ -155,6 +156,7 @@ def __init__(
         self.stream: Optional[Http] = None
         self.route: Optional[Route] = None
         self._protocol = None
+        self.responded: bool = False
 
     def __repr__(self):
         class_name = self.__class__.__name__
@@ -164,6 +166,21 @@ def __repr__(self):
     def generate_id(*_):
         return uuid.uuid4()
 
+    def reset_response(self):
+        try:
+            if (
+                self.stream is not None
+                and self.stream.stage is not Stage.HANDLER
+            ):
+                raise ServerError(
+                    "Cannot reset response because previous response was sent."
+                )
+            self.stream.response.stream = None
+            self.stream.response = None
+            self.responded = False
+        except AttributeError:
+            pass
+
     async def respond(
         self,
         response: Optional[BaseHTTPResponse] = None,
@@ -172,13 +189,19 @@ async def respond(
         headers: Optional[Union[Header, Dict[str, str]]] = None,
         content_type: Optional[str] = None,
     ):
+        try:
+            if self.stream is not None and self.stream.response:
+                raise ServerError("Second respond call is not allowed.")
+        except AttributeError:
+            pass
         # This logic of determining which response to use is subject to change
         if response is None:
-            response = (self.stream and self.stream.response) or HTTPResponse(
+            response = HTTPResponse(
                 status=status,
                 headers=headers,
                 content_type=content_type,
             )
+
         # Connect the response
         if isinstance(response, BaseHTTPResponse) and self.stream:
             response = self.stream.respond(response)
@@ -193,6 +216,7 @@ async def respond(
             error_logger.exception(
                 "Exception occurred in one of response middleware handlers"
             )
+        self.responded = True
         return response
 
     async def receive_body(self):

sanic/response.py

@@ -3,6 +3,7 @@
 from os import path
 from pathlib import PurePath
 from typing import (
+    TYPE_CHECKING,
     Any,
     AnyStr,
     Callable,
@@ -19,11 +20,15 @@
 from sanic.compat import Header, open_async
 from sanic.constants import DEFAULT_HTTP_CONTENT_TYPE
 from sanic.cookies import CookieJar
+from sanic.exceptions import SanicException, ServerError
 from sanic.helpers import has_message_body, remove_entity_headers
 from sanic.http import Http
 from sanic.models.protocol_types import HTMLProtocol, Range
 
 
+if TYPE_CHECKING:
+    from sanic.asgi import ASGIApp
+
 try:
     from ujson import dumps as json_dumps
 except ImportError:
@@ -45,7 +50,7 @@ def __init__(self):
         self.asgi: bool = False
         self.body: Optional[bytes] = None
         self.content_type: Optional[str] = None
-        self.stream: Http = None
+        self.stream: Optional[Union[Http, ASGIApp]] = None
         self.status: int = None
         self.headers = Header({})
         self._cookies: Optional[CookieJar] = None
@@ -112,8 +117,17 @@ async def send(
         """
         if data is None and end_stream is None:
             end_stream = True
-        if end_stream and not data and self.stream.send is None:
-            return
+        if self.stream is None:
+            raise SanicException(
+                "Stream was disconnected with this response instance."
+            )
+        if self.stream.send is None:
+            if end_stream and not data:
+                return
+            raise ServerError(
+                "Response stream was ended, no more response data is "
+                "allowed to be sent."
+            )
         data = (
             data.encode()  # type: ignore
             if hasattr(data, "encode")

tests/conftest.py

@@ -6,7 +6,8 @@
 import sys
 import uuid
 
-from typing import Tuple
+from logging import LogRecord
+from typing import Callable, List, Tuple
 
 import pytest
 
@@ -170,3 +171,16 @@ def run(app):
         return caplog.record_tuples
 
     return run
+
+
+@pytest.fixture(scope="function")
+def message_in_records():
+    def msg_in_log(records: List[LogRecord], msg: str):
+        error_captured = False
+        for record in records:
+            if msg in record.message:
+                error_captured = True
+                break
+        return error_captured
+
+    return msg_in_log