Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

AspNetCoreServer: make adding exception detail to http response opt-in #899

Merged
merged 1 commit into from
Feb 12, 2023
Merged

AspNetCoreServer: make adding exception detail to http response opt-in #899

merged 1 commit into from
Feb 12, 2023

Conversation

duncanbrown
Copy link
Contributor

Issue #, if available:
#886

Description of changes:
Current behaviour of AspNetCoreServer when an exception is thrown during request processing is to include details of that exception - specifically its type-name - in the HTTP response.
This seems insecure, so this change makes that something that must be opted-in to - by default, exception detail will not be returned in the response.

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

@ashishdhingra ashishdhingra requested a review from normj August 23, 2021 18:07
@philasmar philasmar requested a review from ganeshnj February 2, 2022 18:33
@ashishdhingra ashishdhingra mentioned this pull request Mar 22, 2022
Closed
@ashishdhingra
Copy link
Contributor

Should this PR be favored in place of #1007?

@ashishdhingra ashishdhingra added the bug This issue is a bug. label Oct 11, 2022
@normj normj changed the base branch from master to dev February 12, 2023 02:12
normj added a commit that referenced this pull request Feb 12, 2023
@normj
Version bump Amazon.Lambda.AspNetCoreServer to 8.0.0
36beea1 
Major version bump is due to the slight runtime breaking change of PR #899
@normj normj merged commit 0ca6732 into aws:dev Feb 12, 2023
@normj
Copy link
Member

normj commented Feb 13, 2023

Thanks for the PR. This PR has been released as part of version 8.0.0 of Amazon.Lambda.AspNetCoreServer. It was a major version bump due to the slight breaking change behavior.

This was referenced Feb 13, 2023
Merged
Closed
@mungojam
Copy link

mungojam commented Apr 19, 2023
edited
Loading

can you give a tip on how we set this to restore original behaviour? It doesn't seem to be a property on APIGatewayProxyFunction and it's not clear which functions inherit from the function class that the property has been added to.

@mungojam
Copy link

can you give a tip on how we set this to restore original behaviour? It doesn't seem to be a property on APIGatewayProxyFunction and it's not clear which functions inherit from the function class that the property has been added to.

my mistake, my project hadn't updated successfully. It is a property on APIGatewayProxyFunction after all

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@normj normj Awaiting requested review from normj

@ganeshnj ganeshnj Awaiting requested review from ganeshnj

Assignees
No one assigned
Labels
bug This issue is a bug.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@duncanbrown @ashishdhingra @normj @mungojam