Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Do not send stack traces in GraphQL responses #1539

Merged
merged 1 commit into from
Jul 23, 2024
Merged

Do not send stack traces in GraphQL responses #1539

merged 1 commit into from
Jul 23, 2024

Conversation

michael-markl
Copy link
Member

Short description

To remove the stack traces from the Graphql errors, I had to remove the usage of GraphqlErrorException as it always serializes the whole exception including stacktrace.

Proposed changes

Make GraphQLBaseException no longer inherit from the above mentioned GraphqlErrorException and implement a custom DataFetcherExceptionHandler that only wraps unknown exceptions into ExceptionWhileDataFetching objects and converts the known ones (ie. the subclasses of GraphQLBaseException) into GraphQLErrors without wrapping it.

If an ExceptionWhileDataFetching occurs, the wrapped exception is rethrown and either handled by handle if it's a 40x error, or by Javalin (if it's a completely unexpected exception) and then a 500 is returned and the exception is logged by Javalin.

Side effects

Hopefully none.

Resolved issues

Fixes: #1538

@michael-markl michael-markl changed the title Do not send stack traces to users Do not send stack traces in GraphQL responses Jul 19, 2024
f1sh1918
f1sh1918 approved these changes Jul 23, 2024
View reviewed changes
Copy link
Contributor

@f1sh1918 f1sh1918 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks fine to me.
Responses do not contain stack traces anymore.
Nicely done 👍

@michael-markl michael-markl merged commit f239b21 into main Jul 23, 2024
1 check passed
@michael-markl michael-markl deleted the 1538-dont-send-stack-traces branch July 23, 2024 09:56
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@f1sh1918 f1sh1918 f1sh1918 approved these changes

@steffenkleinle steffenkleinle Awaiting requested review from steffenkleinle steffenkleinle is a code owner

@ztefanie ztefanie Awaiting requested review from ztefanie ztefanie is a code owner

@seluianova seluianova Awaiting requested review from seluianova seluianova is a code owner

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Disable stack traces in JSON responses
2 participants
@michael-markl @f1sh1918