From 4998965d054e97a9288ba5bc090bfc72cb64c982 Mon Sep 17 00:00:00 2001
From: Munyoki Kilyungi
Date: Tue, 10 Sep 2024 09:08:38 +0300
Subject: Create an ADR on handling stack traces.
Signed-off-by: Munyoki Kilyungi
---
...0-remove-stace-traces-in-gn3-error-response.gmi | 45 ++++++++++++++++++++++
1 file changed, 45 insertions(+)
create mode 100644 topics/ADR/gn3/000-remove-stace-traces-in-gn3-error-response.gmi
(limited to 'topics')
diff --git a/topics/ADR/gn3/000-remove-stace-traces-in-gn3-error-response.gmi b/topics/ADR/gn3/000-remove-stace-traces-in-gn3-error-response.gmi
new file mode 100644
index 0000000..d42ceda
--- /dev/null
+++ b/topics/ADR/gn3/000-remove-stace-traces-in-gn3-error-response.gmi
@@ -0,0 +1,45 @@
+# [ADR-001/gn3] Remove Stack Traces in GN3
+
+* author: bonfacem
+* status: proposed
+* reviewed-by: jnduli, zach, pjotr, fredm
+
+## Context
+
+Right now, we have stack-traces embedded in our GN3 error response:
+
+```
+def add_trace(exc: Exception, jsonmsg: dict) -> dict:
+ """Add the traceback to the error handling object."""
+ return {
+ **jsonmsg,
+ "error-trace": "".join(traceback.format_exception(exc))
+ }
+
+
+def page_not_found(pnf):
+ """Generic 404 handler."""
+ current_app.logger.error("Handling 404 errors", exc_info=True)
+ return jsonify(add_trace(pnf, {
+ "error": pnf.name,
+ "error_description": pnf.description
+ })), 404
+
+
+def internal_server_error(pnf):
+ """Generic 404 handler."""
+ current_app.logger.error("Handling internal server errors", exc_info=True)
+ return jsonify(add_trace(pnf, {
+ "error": pnf.name,
+ "error_description": pnf.description
+ })), 500
+```
+
+
+## Decision
+
+Stacke traces have the potential to allow malicious actors compromise our system by providing more context. As such, we should send a useful description of what went wrong; and log our stack traces in our logs, and send an appropriate error status code. We can use the logs to troubleshoot our system.
+
+## Consequences
+
+* Lockstep update in GN2 UI on how we handle GN3 errors.
-- cgit v1.2.3