Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We鈥檒l occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[onError][reply] hide sensitive data in the error response #611

Open
xr0master opened this issue Jan 24, 2022 · 4 comments
Open

[onError][reply] hide sensitive data in the error response #611

xr0master opened this issue Jan 24, 2022 · 4 comments
Labels
help wanted Extra attention is needed

Comments

@xr0master
Copy link

Hi guys, sorry if this is trivial, couldn't figure out how to do it.

馃挰 Question here

  1. Errors are passed to the onError hook, where there is no way to change the body of the reply, but only the status. Am I missing something?
// call it into onError hook
reply.status(555).send('my error'); // the status is changed, but 'my error' is ignored.

Yes, I can mutate the error itself, but that will affect the logs as well.

  error.message = 'my error';
  1. Following the 1st problem, I thought that sensitive information can be filtered through the JSON scheme, is there an option to specify the response JSON schema for all outgoing traffic? In other words, how to implement the code below to each response without adding this block to each router?
response: {
  '5xx': {
    type: 'object',
    properties: {
      error: {
        type: 'string',
      },
    },
  },
},

Perhaps there is an easier solution to hide the error message in the response.

Thank you.
@xr0master xr0master added the help wanted Extra attention is needed label Jan 24, 2022
@climba03003
Copy link
Member

climba03003 commented Jan 24, 2022
edited

https://www.fastify.io/docs/latest/Reference/Hooks/#onerror

It is not intended for changing the error, and calling reply.send will throw an exception.

Define your own error handler to override the default behavior.
https://www.fastify.io/docs/latest/Reference/Server/#seterrorhandle

@xr0master
Copy link
Author

xr0master commented Jan 24, 2022
edited

@climba03003 as you can see below, the onError hook runs at the end and requires an error instance, so it cannot be changed in the custom error handler.
image

@xr0master
Copy link
Author

xr0master commented Jan 24, 2022
edited

On another thought, there is no special requirement to hold on to this hook. Just the meaning of this onError hook is questionable. If we use it, then we can not customize the answer, so the error message is publicly available, which is a security issue. And if we do customization the reply, then the hook won't call and store the error in the logs.

I think it would be more logical to call this hook before calling setErrorHandler (or in parallel), then it would really be possible to save the error in the logs and then customize the reply to the client through the error handler.

@mcollina
Copy link
Member

This was significantly refactored in fastify/fastify#3261. Can you check out the next branch of fastify and see if it solves your problem?

Not that for redacting sensitive info in the logs you should use https://getpino.io/#/docs/redaction

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
help wanted Extra attention is needed
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@mcollina @xr0master @climba03003