Right now when the call to the VirusTotal API fails, it does so silently to the user. A log entry does get made, but that's it.
- Users should be told explicitly in the UI that the VT API calls aren't working. The VT scanning is arguably the point of the app.
- You should record it in sentry since you've got that in there.
- It would be great to have a way to see the full request/response when the failure happens so self-helpers can more easily self-help (maybe a debug flag, envvar, or preference item)
//send request
// ->synchronous, so will block
vtData = [NSURLConnection sendSynchronousRequest:request returningResponse:&httpResponse error:&error];
//sanity check(s)
if( (nil == vtData) ||
(nil != error) ||
(200 != (long)[(NSHTTPURLResponse *)httpResponse statusCode]) )
{
//err msg
NSLog(@"OBJECTIVE-SEE ERROR: failed to query VirusTotal (%@, %@)", error, httpResponse);
//bail
goto bail;
}an example of this log message looks like this:
OBJECTIVE-SEE ERROR: failed to query VirusTotal ((null), <NSHTTPURLResponse: 0x6000036b6f80> { URL: https://www.virustotal.com/partners/sysinternals/file-reports?apikey=233--REDACTED-FOR-GITHUB--5ad } {Status Code: 400, Headers {
"Content-Length" = (
223
);
"Content-Type" = (
"text/html; charset=UTF-8"
);
Date = (
"Tue, 24 May 2022 09:38:38 GMT"
);
Server = (
"Google Frontend"
);
"X-Cloud-Trace-Context" = (
b8b50fe04729d7855e74760b9ab318d4
);
} })
Which tells us relatively little about what went wrong:
Bad request. Your request was somehow incorrect. This can be caused by missing arguments or arguments with wrong values.
Right now when the call to the VirusTotal API fails, it does so silently to the user. A log entry does get made, but that's it.
an example of this log message looks like this:
Which tells us relatively little about what went wrong: