From 39e03cee5083d7b40bfab516c088155cb3f77b32 Mon Sep 17 00:00:00 2001
From: Ben Thorner <ben.thorner@digital.cabinet-office.gov.uk>
Date: Thu, 9 Dec 2021 14:43:04 +0000
Subject: [PATCH] Remove redundant 413 error page

This was used when there was an Nginx instance sitting in front of
Admin [1], but nowadays traffic goes through CloudFront, where we
decided not to implement the same protection:

- The likelihood of large requests being a security threat is small
because it's a difficult attack vector.

- We have put in place specific limits on routes where we the size
of the request is actually important [2].

Note that the other error pages can all still be used based on the
response code we get from API requests [3]. Also worth noting we've
had 0 413 response codes for Admin in the last month.

[1]: https://github.com/alphagov/notifications-aws/blob/master/ansible/roles/nginx/templates/nginx.conf.j2#L29-L30
[2]: https://github.com/alphagov/notifications-admin/pull/4090
[3]: https://github.com/alphagov/notifications-admin/blob/b3c0abc4966c847b9a4ccc33a1cf1a148620261e/app/__init__.py#L407-L416
---
 app/__init__.py              |  4 ----
 app/templates/error/413.html | 21 ---------------------
 2 files changed, 25 deletions(-)
 delete mode 100644 app/templates/error/413.html

diff --git a/app/__init__.py b/app/__init__.py
index f6a137446..e79f98e74 100644
--- a/app/__init__.py
+++ b/app/__init__.py
@@ -426,10 +426,6 @@ def register_errorhandlers(application):  # noqa (C901 too complex)
     def handle_gone(error):
         return _error_response(410)
 
-    @application.errorhandler(413)
-    def handle_payload_too_large(error):
-        return _error_response(413)
-
     @application.errorhandler(404)
     def handle_not_found(error):
         return _error_response(404)
diff --git a/app/templates/error/413.html b/app/templates/error/413.html
deleted file mode 100644
index 027edcf19..000000000
--- a/app/templates/error/413.html
+++ /dev/null
@@ -1,21 +0,0 @@
-{% extends "withoutnav_template.html" %}
-{% block per_page_title %}File too big{% endblock %}
-{% block maincolumn_content %}
-    <div class="govuk-grid-row">
-      <div class="govuk-grid-column-two-thirds">
-        <h1 class="heading-large">
-          The file you uploaded was too big
-        </h1>
-        <div class="govuk-grid-row">
-          <div class="govuk-grid-column-two-thirds">
-            <p class="govuk-body">
-              Files must be smaller than 5 MB.
-            </p>
-            <p class="govuk-body">
-              <a class="govuk-link govuk-link--no-visited-state" href="javascript: history.go(-1)">Go back and try again.</a>
-            </p>
-          </div>
-        </div>
-      </div>
-    </div>
-{% endblock %}