Only send traceback to users when in debug mode
API services currently send the traceback to clients. While the client hides it from user view, it is still present in the response, exposing the service to details of the engine that administrators likely would not like to have exposed. Fixes bug #1210623 Change-Id: I554ba24b7ac9166e28a8a0a10f566ed9cfa03014
This commit is contained in:
parent
340dc1bdd2
commit
9e9c747b4e
|
@ -22,6 +22,9 @@ Cinder's faultwrapper
|
|||
|
||||
import traceback
|
||||
import webob
|
||||
from oslo.config import cfg
|
||||
|
||||
cfg.CONF.import_opt('debug', 'heat.openstack.common.log')
|
||||
|
||||
from heat.common import exception
|
||||
from heat.openstack.common import log as logging
|
||||
|
@ -80,7 +83,8 @@ class FaultWrapper(wsgi.Middleware):
|
|||
if isinstance(ex, exception.HTTPExceptionDisguise):
|
||||
# An HTTP exception was disguised so it could make it here
|
||||
# let's remove the disguise and set the original HTTP exception
|
||||
trace = ''.join(traceback.format_tb(ex.tb))
|
||||
if cfg.CONF.debug:
|
||||
trace = ''.join(traceback.format_tb(ex.tb))
|
||||
ex = ex.exc
|
||||
webob_exc = ex
|
||||
|
||||
|
@ -91,7 +95,7 @@ class FaultWrapper(wsgi.Middleware):
|
|||
|
||||
message = str(ex.message)
|
||||
|
||||
if not trace:
|
||||
if cfg.CONF.debug and not trace:
|
||||
trace = str(ex)
|
||||
if trace.find('\n') > -1:
|
||||
unused, trace = trace.split('\n', 1)
|
||||
|
|
|
@ -647,6 +647,7 @@ class StackControllerTest(ControllerTest, HeatTestCase):
|
|||
self.m.VerifyAll()
|
||||
|
||||
def test_create_err_stack_bad_reqest(self):
|
||||
cfg.CONF.set_override('debug', True)
|
||||
template = {u'Foo': u'bar'}
|
||||
parameters = {u'InstanceType': u'm1.xlarge'}
|
||||
body = {'template': template,
|
||||
|
|
|
@ -27,7 +27,7 @@ class FaultMiddlewareTest(HeatTestCase):
|
|||
msg = wrapper._error(heat_exc.StackNotFound(stack_name='a'))
|
||||
expected = {'code': 404,
|
||||
'error': {'message': 'The Stack (a) could not be found.',
|
||||
'traceback': 'None\n',
|
||||
'traceback': None,
|
||||
'type': 'StackNotFound'},
|
||||
'explanation': 'The resource could not be found.',
|
||||
'title': 'Not Found'}
|
||||
|
@ -39,7 +39,7 @@ class FaultMiddlewareTest(HeatTestCase):
|
|||
expected = {'code': 500,
|
||||
'error': {'message': 'Response from Keystone does '
|
||||
'not contain a Heat endpoint.',
|
||||
'traceback': 'None\n',
|
||||
'traceback': None,
|
||||
'type': 'NoServiceEndpoint'},
|
||||
'explanation': 'The server has either erred or is '
|
||||
'incapable of performing the requested '
|
||||
|
@ -48,6 +48,8 @@ class FaultMiddlewareTest(HeatTestCase):
|
|||
self.assertEqual(msg, expected)
|
||||
|
||||
def test_remote_exception(self):
|
||||
# We want tracebacks
|
||||
cfg.CONF.set_override('debug', True)
|
||||
error = heat_exc.StackNotFound(stack_name='a')
|
||||
exc_info = (type(error), error, None)
|
||||
serialized = rpc_common.serialize_remote_exception(exc_info)
|
||||
|
|
Loading…
Reference in New Issue