summaryrefslogtreecommitdiffstats
path: root/web/handlers.go
diff options
context:
space:
mode:
Diffstat (limited to 'web/handlers.go')
-rw-r--r--web/handlers.go10
1 files changed, 10 insertions, 0 deletions
diff --git a/web/handlers.go b/web/handlers.go
index 363b05c59..aac88aa3a 100644
--- a/web/handlers.go
+++ b/web/handlers.go
@@ -147,6 +147,16 @@ func (h Handler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
c.Err.DetailedError = ""
}
+ // Sanitize all 5xx error messages in hardened mode
+ if *c.App.Config().ServiceSettings.ExperimentalEnableHardenedMode && c.Err.StatusCode >= 500 {
+ c.Err.Id = ""
+ c.Err.Message = "Internal Server Error"
+ c.Err.DetailedError = ""
+ c.Err.StatusCode = 500
+ c.Err.Where = ""
+ c.Err.IsOAuth = false
+ }
+
w.WriteHeader(c.Err.StatusCode)
w.Write([]byte(c.Err.ToJson()))
generated by cgit v1.2.3-1-g7c22 (git 2.25.1) at 2024-05-17 23:00:40 +0000