Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

eyre: when a %request causes a crud, serve 500 #6553

Merged
merged 1 commit into from
May 5, 2023
Merged

eyre: when a %request causes a crud, serve 500 #6553

merged 1 commit into from
May 5, 2023

Conversation

Fang-
Copy link
Member

@Fang- Fang- commented May 4, 2023

Previously, if an incoming request caused a crash, we would just drop it on the floor. We should at least have the decency to serve the client a quick 500 and let them get on with their day.

We make sure not to touch state here. The connection is guaranteed-fresh because of the task's semantics, and we're handling it in-line in one go.

Notably we only give a simple "crud!" for the body, instead of the full error trace. We don't know whether the request is authenticated or not (and who knows if checking was the cause of the crash!), and the crud might leak sensitive details about the ship it occurred on. For the owner, the trace still gets printed into the terminal.

@Fang-
eyre: when a %request causes a crud, serve 500
08ad367 
Previously, if an incoming request caused a crash, we would just drop it
on the floor. We should at least have the decency to serve the client a
quick 500 and let them get on with their day.

We make sure not to touch state here. The connection is guaranteed-fresh
because of the task's semantics, and we're handling it in-line in one go.

Notably we only give a simple "crud!" for the body, instead of the full
error trace. We don't know whether the request is authenticated or not
(and who knows if checking was the cause of the crash!), and the crud
might leak sensitive details about the ship it occurred on. For the
owner, the trace still gets printed into the terminal.
@Fang- Fang- added the eyre label May 4, 2023
@Fang- Fang- requested review from joemfb and pkova May 4, 2023 16:28
joemfb
joemfb approved these changes May 4, 2023
View reviewed changes
Copy link
Member

@joemfb joemfb left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It might be better to handle this by crashing on the %crud (or inducing vere to not even inject it), and instead producing the 500 response in the i/o driver. But that's more involved, and the change would need to be coordinated across layers.

this will do

@jalehman jalehman merged commit a6024e3 into develop May 5, 2023
1 check passed
@jalehman jalehman deleted the m/eyre-crud-500 branch May 5, 2023 15:51
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@joemfb joemfb joemfb approved these changes

@pkova pkova Awaiting requested review from pkova

Assignees
No one assigned
Labels
eyre
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@Fang- @joemfb @jalehman