invalid uuid check is returning a plain object instead of sending HTTP response #2734
Changes from all commits
27799e6
3b23184
9abfffd
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -54,8 +54,8 @@ app.use('/', [yieldRoutes, config, median, perp, enriched, lsd, pools]); | |
|
|
||
| function errorHandler (err, req, res, next) { | ||
| console.log(err) | ||
| res.status(500) | ||
| res.render('error', { error: err }) | ||
| const statusCode = err.statusCode ?? 500 | ||
| res.status(statusCode).json({ status: err.status ?? 'error', message: err.message }) | ||
| } | ||
|
Comment on lines 55 to 59

Contributor

🧩 Analysis chain

🏁 Script executed:

```shell
#!/bin/bash
# Verify whether error middleware already guards headersSent
rg -n -C3 'function errorHandler|headersSent|res\.status\(statusCode\)\.json' src/api/app.js
# Inspect error producers that can reach middleware
rg -n -C2 'throw new AppError|next\(err\)|Promise\.reject|throw ' src/api/controllers src/api/routes src/api
```

Repository: DefiLlama/yield-server
Length of output: 2117

🏁 Script executed:

```shell
#!/bin/bash
rg -n "class AppError|function AppError|statusCode|fail" src/api src/utils src -S
echo "----"
rg -n "res\.status\(400\)\.json|invalid uuid|UUID|uuid|Bad Request" src/api/controllers -S
```

Repository: DefiLlama/yield-server
Length of output: 50379

🏁 Script executed:

```shell
#!/bin/bash
rg -n "class AppError|function AppError|statusCode|fail|status\s*=" src/api src/utils src -S
echo "----"
rg -n "res\.status\(400\)\.json|invalid uuid|UUID|uuid|Bad Request" src/api/controllers -S
```

Repository: DefiLlama/yield-server
Length of output: 50379

Add a

Suggested fix

function errorHandler (err, req, res, next) {
console.log(err)
+ if (res.headersSent) {
+ return next(err)
+ }
const statusCode = err.statusCode ?? 500
res.status(statusCode).json({ status: err.status ?? 'error', message: err.message })
} |
||
|
|
||
| app.use(errorHandler) | ||
|
|
||
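Review bot: in the two added lines of errorHandler, `err.statusCode` and `err.status` are read from whatever error reaches the middleware, so any object that carries its own `statusCode` (including a non-numeric or out-of-range one) decides the response code and the `status` field. Consider accepting the code only when it is an integer from 400 to 599 and falling back to 500 otherwise, and deriving `status` from the resulting code instead of echoing `err.status`. On the 500 fallback the same line returns `err.message` unchanged, so a fixed message for that branch would keep internal error text in the server log only.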
Avoid returning raw internal error messages for 5xx responses.
At Line 58, `message: err.message` will expose internal failure details on unexpected server errors. Prefer a generic message for `statusCode >= 500`, while keeping specific messages for 4xx AppError flows.

Suggested fix
function errorHandler (err, req, res, next) { console.log(err) const statusCode = err.statusCode ?? 500 - res.status(statusCode).json({ status: err.status ?? 'error', message: err.message }) + const message = statusCode >= 500 ? 'Internal server error' : err.message + res.status(statusCode).json({ status: err.status ?? 'error', message }) }
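The two review suggestions above (the `headersSent` guard and the generic 5xx message) combined into one handler and exercised without a server, as an added example that is not part of the PR or the project's code. `AppError`, `fakeRes` and `handle` are hypothetical names, and the `'fail'`/`'error'` status strings and the 400 to 599 range check are assumptions.

```javascript
// Added example, not the project's code. AppError is a hypothetical stand-in
// for the project's operational error class; its fields are assumptions.
class AppError extends Error {
  constructor (message, statusCode) {
    super(message)
    this.statusCode = statusCode
  }
}

function errorHandler (err, req, res, next) {
  // Once a response has started, hand the error to Express's default handler.
  if (res.headersSent) return next(err)

  // Trust a status code only if it is an integer in the HTTP error range.
  const sc = err.statusCode
  const code = Number.isInteger(sc) && sc >= 400 && sc <= 599 ? sc : 500

  // 4xx: the message was written for the client.
  // 5xx: details stay in the server log; the client gets a fixed string.
  const body = code >= 500
    ? { status: 'error', message: 'Internal server error' }
    : { status: 'fail', message: err.message }

  if (code >= 500) console.error(err)
  res.status(code).json(body)
}

// Minimal stand-in for an Express response object.
function fakeRes (headersSent = false) {
  return {
    headersSent,
    statusCode: null,
    body: null,
    status (c) { this.statusCode = c; return this },
    json (b) { this.body = b; return this }
  }
}

// Run the handler on one error and report what the client would receive.
function handle (err, headersSent = false) {
  const res = fakeRes(headersSent)
  let delegated = null
  errorHandler(err, {}, res, (e) => { delegated = e })
  return { statusCode: res.statusCode, body: res.body, delegated }
}
```
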