Valence

[API] Hide exception detail from end user

Bug #1656176 reported by Lin Yang on 2017-01-13

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	Valence	New	High	Anusha

Bug Description

https://github.com/openstack/valence/blob/e83c8ffb733a34edc683e1190a8b2ab0fb58637f/valence/api/route.py#L49

When internal exception happened, valence will convert it to unified message format, but return exactly detail to user. This may bring security issue, user don't need to know internal detail, but http 500 message "The server encountered an unexpected condition which prevented it from fulfilling the request. ".

Lin Yang (lin-a-yang) on 2017-01-13

Changed in openstack-valence:
importance:	Undecided → High
summary:	- Hide exception detail from end user + [API] Hide exception detail from end user

Anusha (anusha-iiitm) on 2017-01-16

Changed in openstack-valence:
assignee:	nobody → Anusha (anusha-iiitm)

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.