Log fatal errors at error level and return generic 500s (#34)

Previously, the error responses:
 - were not valid matrix errors (no `errcode`)
 - returned the `err.Error()` message which may contain sensitive information.
 - did not get logged (at all, let alone set the level correctly).

Now the error responses:
 - return valid matrix errors (`M_UNKNOWN`)
 - return a generic "Internal Server Error" string
 - get logged at `ERROR` level.
This commit is contained in:
Kegsay 2017-03-10 16:50:41 +00:00 committed by GitHub
parent 2fcf6fd6eb
commit 8ccff1e40f
2 changed files with 12 additions and 4 deletions

View file

@ -23,3 +23,11 @@ func UnmarshalJSONRequest(req *http.Request, iface interface{}) *util.JSONRespon
} }
return nil return nil
} }
// LogThenError logs the given error then returns a matrix-compliant 500 internal server error response.
// This should be used to log fatal errors which require investigation. It should not be used
// to log client validation errors, etc.
func LogThenError(req *http.Request, err error) util.JSONResponse {
util.GetLogger(req.Context()).WithError(err).Error("request failed")
return jsonerror.InternalServerError()
}

View file

@ -168,11 +168,11 @@ func createRoom(req *http.Request, cfg config.ClientAPI, roomID string, producer
} }
ev, err := buildEvent(&builder, builtEventMap, cfg) ev, err := buildEvent(&builder, builtEventMap, cfg)
if err != nil { if err != nil {
return util.ErrorResponse(err) return httputil.LogThenError(req, err)
} }
if err := gomatrixserverlib.Allowed(*ev, &authEvents); err != nil { if err := gomatrixserverlib.Allowed(*ev, &authEvents); err != nil {
return util.ErrorResponse(err) return httputil.LogThenError(req, err)
} }
// Add the event to the list of auth events // Add the event to the list of auth events
@ -183,10 +183,10 @@ func createRoom(req *http.Request, cfg config.ClientAPI, roomID string, producer
// send events to the room server // send events to the room server
msgs, err := eventsToMessages(builtEvents, cfg.ClientAPIOutputTopic) msgs, err := eventsToMessages(builtEvents, cfg.ClientAPIOutputTopic)
if err != nil { if err != nil {
return util.ErrorResponse(err) return httputil.LogThenError(req, err)
} }
if err = producer.SendMessages(msgs); err != nil { if err = producer.SendMessages(msgs); err != nil {
return util.ErrorResponse(err) return httputil.LogThenError(req, err)
} }
return util.JSONResponse{ return util.JSONResponse{