diff options
Diffstat (limited to 'web/handlers.go')
-rw-r--r-- | web/handlers.go | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/web/handlers.go b/web/handlers.go index 363b05c59..aac88aa3a 100644 --- a/web/handlers.go +++ b/web/handlers.go @@ -147,6 +147,16 @@ func (h Handler) ServeHTTP(w http.ResponseWriter, r *http.Request) { c.Err.DetailedError = "" } + // Sanitize all 5xx error messages in hardened mode + if *c.App.Config().ServiceSettings.ExperimentalEnableHardenedMode && c.Err.StatusCode >= 500 { + c.Err.Id = "" + c.Err.Message = "Internal Server Error" + c.Err.DetailedError = "" + c.Err.StatusCode = 500 + c.Err.Where = "" + c.Err.IsOAuth = false + } + w.WriteHeader(c.Err.StatusCode) w.Write([]byte(c.Err.ToJson())) |