New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Cannot handle exceptions raised while running a response #218
Comments
The |
I don't understand this well at this moment. So, just a short comment. Rich error messages are necessary for debugging but they should not be delivered to users after deployment to prevent abusing. So, I think we need a way to customize the error messages. |
Right, as a simple
I don't know for sure yet, still investigating. I do suspect that the error occurs not in constructing the @kazu-yamamoto yes absolutely. We want it reported in a dev situation but in a production situation we just want it logged, and no info leaked to a potential attacker. |
I would propose to add a new field to |
@dcoutts Please try |
@kazu-yamamoto Those names sound find to me, thanks for implementing this! |
|
@singpolyma would you us the code? |
@kazu-yamamoto Hmm, so, on another look at the code the default exception handler is pretty complex -- probably want to be able to replace the response without redoing all that, which makes me like your way better. And the way it all ends up getting used... it's probably just added complexity to combine the two. |
So, do you agree with introducing Since |
@singpolyma @kazu-yamamoto I filed #226 which is very closely related here. Summary: logging the exception is obviously the right thing to do, but we should not send a 500 response at all, and certainly not on warp shutdown. Possibly, possibly given that you're making it configurable you could have a way to opt-in to get a 500 response, but it should never be the default for development and certainly not production because its breaks infrastructure like proxies (and who knows what else). |
I agree. |
OK. I will take care of this. |
That looks good. Thanks very much Kazu! |
In a customer's yesod application (using warp-2.0.x) we are getting a 500 response with "Something went wrong" as the error message. This is a little unusual since yesod can normally catch exceptions throw by calls to error.
A little digging reveals that this comes from the warp exception handler when running one or more requests on a socket.
It's that send500 that produces the "Something went wrong".
While that's perhaps reasonable default behaviour for warp (don't want to leak info about the exception to an attacker) it is obvious that for development & deployment logging we want to be able to customise that.
So there are perhaps two bugs here:
The difficulty is that the exception is clearly being throw as the
Response
is run/unfolded rather than when it is constructed. So it's not enough to wrap a handler around the construction of theResponse
. I may be missing something but it doesn't look like it's possible to insert an exception handler inside a conduit (which is quite reasonable, it does safe resource management but that doesn't mean you should be able to fiddle with the running of a conduit from within one).As a quick hack I've patched warp: http://lpaste.net/98599
This compiles and we're in the process of seeing if that does reveal more details about the exception being thrown in this case.
The text was updated successfully, but these errors were encountered: