Add connection property to limit server error detail in exception exceptions #1579
Conversation
|
|
|
This one looks better. Seems that the datasource also needs a getter/setter. Thanks for working on this. |
|
|
|
@sehrope is this ready ? |
|
Never got any feedback to change the naming etc so I suppose it's fine. I'll try to add at least one test for it today and then it should be good. |
|
Excellent, thanks |
…on messages
Adds a boolean connection property, LOG_SERVER_MESSAGE_DETAIL ("logServerMessage") that
controls whether the full error detail, as reported back by the server, is included in
the exception messages. This property can be used to limit potentially sensitive content
in server messages from bubbling up in exception messages and stack traces.
If set to "false" then only the top level error will be included in the exception message.
If set to "true" then all details in the server error will be included.
Default value for the new property is "true" to reflect the prior behavior of logging the
full error detail.
Closes pgjdbc#1577
sehrope
force-pushed
the
feat-hide-error-detail
branch
from
817f661
to
421eed0
Compare
|
Rebased and added a test for the new property. Works on later versions of PG, hopefully it passes on all the older versions too. Tried to keep the error message checking generic enough that it should. Let's see what Travis says... |
|
|
sehrope
force-pushed
the
feat-hide-error-detail
branch
from
421eed0
to
b3d2295
Compare
|
Looks like it was good on everything except 8.4 as the older server versions do not include the full details in the error response. I force pushed an update to skip test unless it's 9.1+. Once it passes should be good to merge. |
|
|
|
@sehrope I can't seem to find any code that actually looks for the version? |
|
@davecramer Because it's not... I added the check on line 38 but didn't wrap it in an |
sehrope
force-pushed
the
feat-hide-error-detail
branch
from
b3d2295
to
c5b7fdd
Compare
|
|
|
So Travis passes and it correctly skips 8.4, but looks like it failed on some unrelated race condition on AppVeyor: https://ci.appveyor.com/project/davecramer/pgjdbc/builds/28856322/job/cyyur72crn2t7ohl#L306 I say this is good to go and will take a peek at that unrelated race condition some time soon. |
ghost
mentioned this pull request
…eptions (pgjdbc#1579) * feat: Add connection property to limit server error detail in exception messages Adds a boolean connection property, LOG_SERVER_MESSAGE_DETAIL ("logServerMessage") that controls whether the full error detail, as reported back by the server, is included in the exception messages. This property can be used to limit potentially sensitive content in server messages from bubbling up in exception messages and stack traces. If set to "false" then only the top level error will be included in the exception message. If set to "true" then all details in the server error will be included. Default value for the new property is "true" to reflect the prior behavior of logging the full error detail. Closes pgjdbc#1577 * fix: Add getter and setter for LOG_SERVER_ERROR_DETAIL to BaseDataSource * test: Add test for logServerErrorDetail connection property
This patch keeps the old behavior but adds a new connection property to disable error detail. It defaults to "true" (the old behavior).
RFC for:
PSQLException(ServerErrorMessage)? (i.e. is the constructor part of our public API, if not remove it to ensure we don't accidentally create it without the option).getMessage(ServerErrorMessage)to get the text? (Seems like overkill but would give users option to format things however they'd like)Consider this patch a WIP / proof-of-concept until those are addressed.
Also would need some tests to actually try out enabling and disabling things and verifying they're not included.
Also I did a quick compile check and ran a handful of tests but not the entire suite yet. I doubt the error messages break anything but if so we'll need to address those too...