From 2c75247c97d0277944975deb9595b5f82a80e91e Mon Sep 17 00:00:00 2001
From: Christopher Speller
Date: Mon, 4 Jun 2018 09:48:26 -0700
Subject: MM-10348 Adding experimental hardened mode. (#8881)
* Adding experimental hardened mode.
* Sanitizing all 500 errors.
---
 web/handlers.go | 10 ++++++++++
 1 file changed, 10 insertions(+)
(limited to 'web')
diff --git a/web/handlers.go b/web/handlers.go
index 363b05c59..aac88aa3a 100644
--- a/web/handlers.go
+++ b/web/handlers.go
@@ -147,6 +147,16 @@ func (h Handler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 c.Err.DetailedError = ""
 }
+ // Sanitize all 5xx error messages in hardened mode
+ if *c.App.Config().ServiceSettings.ExperimentalEnableHardenedMode && c.Err.StatusCode >= 500 {
+ c.Err.Id = ""
+ c.Err.Message = "Internal Server Error"
+ c.Err.DetailedError = ""
+ c.Err.StatusCode = 500
+ c.Err.Where = ""
+ c.Err.IsOAuth = false
+ }
+
 w.WriteHeader(c.Err.StatusCode)
 w.Write([]byte(c.Err.ToJson()))
--
cgit v1.2.3-1-g7c22
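Review bot: The hardened-mode branch in ServeHTTP blanks the error one field at a time, so any field it does not list, or one added to the error type later, is still serialized by `c.Err.ToJson()` and sent to the client. Writing the response from a fresh error value that carries only the generic message and status 500 would fail closed instead of depending on this list staying complete. The branch also mutates `c.Err` in place, so any code after this point that reads `c.Err.StatusCode` or `c.Err.Id` sees the sanitized values and can no longer tell a 503 from a 500; whether such code exists is not visible here. The original error therefore has to be logged before this block, which a comment such as `// Hardened mode: the client gets a generic 500; the original error must already be logged above.` would make explicit. The function body starts and ends outside the hunk, so the logging order and the nil-safety of the `ExperimentalEnableHardenedMode` pointer dereference could not be checked from here.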