fix: sanitize error responses to prevent internal detail leakage #2456
Open
pablo-ibco wants to merge 1 commit into
The fallback 500 error handler was sending raw error messages to clients, potentially exposing database errors, driver messages, or other internal details. The OpenAI error handler was also forwarding response headers from the upstream API. Errors are still fully logged server-side via the existing logger.error() call.
lemilonkh
reviewed
Apr 13, 2026
| errorMessage = (err as Object).toString(); | ||
| } | ||
| return NextResponse.json( | ||
| { error: { message: "Internal server error", error: errorMessage } }, |
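Review bot: the `error: errorMessage` field in the JSON body on the last line sends the output of `(err as Object).toString()` to the caller, which for driver or database exceptions is the raw internal message. Return only the generic `message` in the response; if the string is still needed for debugging, attach a generated error id to both the response and the server-side log entry so the full text can be looked up there instead.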
Contributor
I get the idea here of not accidentally leaking database details (however, all of our DB structure etc. is available publicly in this repository), for now I would hold off on merging this though.
This information can be crucial for debugging and until we have Grafana fully set up on our prod environment we kind of rely on this to debug it.
Contributor
Author
@lemilonkh nice! Do we have on our roadmap when we plan to have Grafana fully set up or is it something being discussed yet?
Summary
apiHandler to stop leaking internal error details to API clients
headers from OpenAI API error responses
Motivation
The errorHandler in app/src/util/api.ts has a fallback branch for unrecognized errors that was extracting err.message and returning it in the JSON body alongside "Internal server error". This could expose:
The OpenAI error branch was also forwarding headers from the upstream OpenAI API response, which could contain rate limit details or other internal metadata that clients should not see.
Changes
{ error: { message: "Internal server error" } } without the raw error string (the full error is still logged server-side via logger.error(err) on line 422)
{ error: { name, message } } without headers
Test plan
the generic message, not internal details
npm run ci:test)
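An added example (not code from this pull request or its repository) of the behaviour the Changes section describes: a generic fallback body, upstream errors reduced to name and message, and the full error kept in the server-side log. The errorId correlation field, the names sanitizeError and isUpstreamError, and the sample errors are assumptions made for illustration.

```typescript
// Added example, not the project's code. sanitizeError, isUpstreamError and
// the errorId field are hypothetical names; the sample errors are constructed.
type UpstreamError = { name: string; message: string; status: number; headers: Record<string, string> };
type LogEntry = { errorId: string; err: unknown };
type ClientError = {
  status: number;
  body: { error: { name?: string; message: string; errorId?: string } };
};

// Duck-typed check for an upstream API error that carries response headers.
function isUpstreamError(err: unknown): err is UpstreamError {
  return typeof err === "object" && err !== null && "status" in err && "headers" in err;
}

function sanitizeError(err: unknown, log: (e: LogEntry) => void, newId: () => string): ClientError {
  const errorId = newId();
  // The full error stays server-side, keyed by errorId.
  log({ errorId, err });
  if (isUpstreamError(err)) {
    // Pass on name and message only; upstream headers are dropped.
    return { status: err.status, body: { error: { name: err.name, message: err.message } } };
  }
  // Fallback branch: generic text plus an id an operator can search the logs for.
  return { status: 500, body: { error: { message: "Internal server error", errorId } } };
}

// Constructed inputs: a database failure and a rate-limited upstream call.
const logged: LogEntry[] = [];
let counter = 0;
const nextId = () => "err-" + String(++counter);
const record = (e: LogEntry) => { logged.push(e); };

const dbFailure = sanitizeError(new Error('relation "users" does not exist'), record, nextId);
const upstreamFailure = sanitizeError(
  { name: "RateLimitError", message: "Rate limit reached", status: 429,
    headers: { "x-ratelimit-remaining": "0" } },
  record, nextId);

console.log(JSON.stringify(dbFailure.body));
console.log(JSON.stringify(upstreamFailure.body));
```

The id in the fallback body lets an operator find the matching log entry without the response carrying the error text itself.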