Error handling in production [EPIC PLACEHOLDER] #1650
Comments
|
General requirements:
Security considerations
Proposal Implement a new middleware module called loopback-error-handler accepting the following config: {
// enable the development mode?
// In dev, all error properties (including) stack traces are sent in the response
debug: true,
// log errors to stderr?
log: true,
// Array of fields (custom Error properties) that are safe to include
// in response messages (both 4xx and 5xx).
// "details" property is always included in 4xx responses (not in 5xx)
safeFields: ['errorCode'],
// the default type to use when there is no (recognised) Accept header
// use 'html' for websites, 'json' for API servers
defaultType: 'json' // or 'html' or 'text' or 'xml'
// map of templates to use for rendering responses
views: {
// the default view
default: path.resolve(__dirname, 'views/error-default.jade'),
404: path.resolve(__dirname, 'views/error-not-found.jade'),
// etc.
},
// map of static files to send as a response
files: {
// default: path.resolve(__dirname, 'public/error.html'),
401: path.resolve(__dirname, 'views/error-unauthorized.html'),
// etc.
},
// a custom JSON serializer function for producing JSON response bodies
// @param sanitizedData: response data containing only safe properties
// @param originalError: the original Error object
jsonSerializer: function(sanitizedData, originalError) {
if (originalError.name === 'ValidationError') {
var details = sanitizedData.details || {};
sanitizedData.issueCount = details.codes && Object.keys(details.codes).length;
}
return sanitizedData;
}
}JSON response fields
Implementation Notes
References
An example of the current error response format: {
"error": {
"name": "ValidationError",
"status": 422,
"message": "The `Product` instance is not valid. Details: `name` can't be blank (value: undefined).",
"statusCode": 422,
"details": {
"context": "Product",
"codes": {
"name": ["presence"]
},
"messages": {
"name": ["can't be blank"]
}
},
"stack": "ValidationError: The `Product` instance is not valid. etc."
}
} |
|
It would be nice if there was a way to add some custom logic in as well. The use case I am thinking of is sending an email after a 500 error code and then killing the process. Currently to achieve this I override Will the new error handler be able to achieve this in some way @loay? |
IMO, that's out of scope of this module. You should disable strong-remoting's error handler completely and then install your own error handling middleware to handle this case. |
bajtos
changed the title
|
@bajtos - Shouldn't error messages also be configurable so that when directly rendered in UI, they could be easily understood by user? How can we configure these error messages? Like |
Yes, you should parse Having wrote that, this discussion is out of scope of this particular issue. Please open a new one if there is anything else to discuss and/or clarify. |
Sorry for that. Here's a new issue/question #2630 |
|
Closing as done. |
Per the discussion in expressjs/errorhandler#13, we should not use
errorhandlermodule in production:For example, we can use api-error-handler for JSON API requests/responses in strong-remoting.
I am creating this GH issue as a place where we can discuss possible approaches and agree on a solution to implement.
/to @ritch @raymondfeng
/cc @fabien @clarkorz
Subtasks
strong-error-handlerwith the usual scaffolding (jscs and jshint, mocha + chai for unit tests, etc.). License: dual MIT + SLThe text was updated successfully, but these errors were encountered: