diff options
author | Christopher Speller <crspeller@gmail.com> | 2018-06-04 09:48:26 -0700 |
---|---|---|
committer | GitHub <noreply@github.com> | 2018-06-04 09:48:26 -0700 |
commit | 2c75247c97d0277944975deb9595b5f82a80e91e (patch) | |
tree | bd2bf76858fa308fc72b7f48860e6c291622149f /web/handlers.go | |
parent | bd7c9f86424a8d6609ad602e2225c4438d136415 (diff) | |
download | chat-2c75247c97d0277944975deb9595b5f82a80e91e.tar.gz chat-2c75247c97d0277944975deb9595b5f82a80e91e.tar.bz2 chat-2c75247c97d0277944975deb9595b5f82a80e91e.zip |
MM-10348 Adding experimental hardened mode. (#8881)
* Adding experimental hardened mode.
* Sanitizing all 500 errors.
Diffstat (limited to 'web/handlers.go')
-rw-r--r-- | web/handlers.go | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/web/handlers.go b/web/handlers.go index 363b05c59..aac88aa3a 100644 --- a/web/handlers.go +++ b/web/handlers.go @@ -147,6 +147,16 @@ func (h Handler) ServeHTTP(w http.ResponseWriter, r *http.Request) { c.Err.DetailedError = "" } + // Sanitize all 5xx error messages in hardened mode + if *c.App.Config().ServiceSettings.ExperimentalEnableHardenedMode && c.Err.StatusCode >= 500 { + c.Err.Id = "" + c.Err.Message = "Internal Server Error" + c.Err.DetailedError = "" + c.Err.StatusCode = 500 + c.Err.Where = "" + c.Err.IsOAuth = false + } + w.WriteHeader(c.Err.StatusCode) w.Write([]byte(c.Err.ToJson())) |