pelias
/
api
mirror of https://github.com/pelias/api.git
1
0
Fork 0
Code Issues Releases Activity
Browse Source

Return error message if string. 

middleware/500.js
	-cf1a483 changed the middleware to return an opaque error
	message rather than the error object itself, in case it contains
	sensitive information. The problem is that some sanitizers
	return a helpful error message (intended to be seen by users) as
	a string. Add a conditional to only return the ambiguous,
	catchall error message when a non-string `err` object is
	received -- this will likely be a stack trace, or something.
pull/124/head
Severyn Kozak 10 years ago
parent
f72ed2a6bd
commit
f27df8b5c5
1 changed files with 1 additions and 1 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 2
      middleware/500.js

2
middleware/500.js
Unescape View File

@ -6,7 +6,7 @@ function middleware(err, req, res, next) {
logger.error( 'Stack trace:', err.trace );
res.header('Cache-Control','no-cache');
if( res.statusCode < 400 ){ res.status(500); }
res.json({ error: 'internal server error' });
res.json({ error: typeof err === 'string' ? err : 'internal server error' });
}
module.exports = middleware;

Write Preview
Loading…
Cancel
Save