From d1fd4a3543e09b4db5a7e4f128e1783f582bde22 Mon Sep 17 00:00:00 2001 From: virgilchiriac Date: Mon, 19 Aug 2024 09:03:13 +0200 Subject: [PATCH 1/3] BC-7804 - prevent logging of headers --- app.js | 7 +++- controllers/files.js | 87 ++++++++++++++++++++++------------------- controllers/homework.js | 2 + 3 files changed, 54 insertions(+), 42 deletions(-) diff --git a/app.js b/app.js index c1be5b614a..7f30bf3506 100644 --- a/app.js +++ b/app.js @@ -250,7 +250,12 @@ app.use((err, req, res, next) => { res.locals = {}; } // prevent logging jwts and x-api-keys - delete error.options.headers; + if (error.options && error.options.headers) { + delete error.options.headers; + } + if (error.response && error.response.request && error.response.request.headers) { + delete error.response.request.headers; + } if (Configuration.get('FEATURE_LOG_REQUEST') === true) { const reqInfo = { diff --git a/controllers/files.js b/controllers/files.js index b7f758fc17..b87fab3285 100644 --- a/controllers/files.js +++ b/controllers/files.js @@ -672,52 +672,57 @@ router.get('/courses/', (req, res, next) => { router.get('/courses/:courseId/:folderId?', FileGetter, async (req, res, next) => { const basePath = '/files/courses/'; - const record = await api(req).get(`/courses/${req.params.courseId}`); - res.locals.files.files = res.locals.files.files.map(addThumbnails); - let canCreateFile = true; + try { + const record = await api(req).get(`/courses/${req.params.courseId}`); - let breadcrumbs = [{ - title: res.$t('files.label.filesFromMyCourse'), - url: basePath, - dataTestId: 'navigate-to-my-courses-files', - }, { - title: record.name, - url: basePath + record._id, - dataTestId: 'navigate-to-my-files-in-course', - }]; + res.locals.files.files = res.locals.files.files.map(addThumbnails); + let canCreateFile = true; - if (req.params.folderId) { - const folderBreadcrumbs = (await getBreadcrumbs(req, req.params.folderId)).map((crumb) => { - crumb.url = `${basePath}${record._id}/${crumb.id}`; - return crumb; - }); - breadcrumbs = [...breadcrumbs, ...folderBreadcrumbs]; - } + let breadcrumbs = [{ + title: res.$t('files.label.filesFromMyCourse'), + url: basePath, + dataTestId: 'navigate-to-my-courses-files', + }, { + title: record.name, + url: basePath + record._id, + dataTestId: 'navigate-to-my-files-in-course', + }]; - if (['Schüler'].includes(res.locals.currentRole)) { - canCreateFile = false; - } + if (req.params.folderId) { + const folderBreadcrumbs = (await getBreadcrumbs(req, req.params.folderId)).map((crumb) => { + crumb.url = `${basePath}${record._id}/${crumb.id}`; + return crumb; + }); + breadcrumbs = [...breadcrumbs, ...folderBreadcrumbs]; + } - res.locals.files.files = getFilesWithSaveName(res.locals.files.files); + if (['Schüler'].includes(res.locals.currentRole)) { + canCreateFile = false; + } - res.render('files/files', { - title: res.$t('files.headline.courseFiles'), - canUploadFile: true, - canCreateDir: true, - canCreateFile, - path: res.locals.files.path, - inline: req.query.inline || req.query.CKEditor, - CKEditor: req.query.CKEditor, - breadcrumbs, - showSearch: false, - courseId: req.params.courseId, - ownerId: req.params.courseId, - toCourseText: res.$t('global.button.toCourse'), - courseUrl: `/rooms/${req.params.courseId}`, - canEditPermissions: true, - parentId: req.params.folderId, - ...res.locals.files, - }); + res.locals.files.files = getFilesWithSaveName(res.locals.files.files); + + res.render('files/files', { + title: res.$t('files.headline.courseFiles'), + canUploadFile: true, + canCreateDir: true, + canCreateFile, + path: res.locals.files.path, + inline: req.query.inline || req.query.CKEditor, + CKEditor: req.query.CKEditor, + breadcrumbs, + showSearch: false, + courseId: req.params.courseId, + ownerId: req.params.courseId, + toCourseText: res.$t('global.button.toCourse'), + courseUrl: `/rooms/${req.params.courseId}`, + canEditPermissions: true, + parentId: req.params.folderId, + ...res.locals.files, + }); + } catch (error) { + next(error); + } }); router.get('/teams/', (req, res, next) => { diff --git a/controllers/homework.js b/controllers/homework.js index bb07fd522c..d31ff675fd 100644 --- a/controllers/homework.js +++ b/controllers/homework.js @@ -186,6 +186,8 @@ const getCreateHandler = (service) => (req, res, next) => { req, `${base}/${referrer}`, ); + }).catch((err) => { + next(err); }); } From 47e708f008eae7c27073620585e68ce63cfb2554 Mon Sep 17 00:00:00 2001 From: virgilchiriac Date: Wed, 21 Aug 2024 09:25:58 +0200 Subject: [PATCH 2/3] BC-7804 - prevent unhandledRejections from being logged --- app.js | 24 +++++++++++++++++------- helpers/logger.js | 2 +- 2 files changed, 18 insertions(+), 8 deletions(-) diff --git a/app.js b/app.js index 7f30bf3506..4a297e1ea0 100644 --- a/app.js +++ b/app.js @@ -238,17 +238,11 @@ const isTimeoutError = (err) => err && err.message && ( || err.message.includes('ETIMEDOUT') ); -app.use((err, req, res, next) => { +const errorHandler = (err) => { const error = err.error || err; const status = error.status || error.statusCode || 500; error.statusCode = status; - if (!error.options) { - error.options = {}; - } - if (!res.locals) { - res.locals = {}; - } // prevent logging jwts and x-api-keys if (error.options && error.options.headers) { delete error.options.headers; @@ -257,6 +251,16 @@ app.use((err, req, res, next) => { delete error.response.request.headers; } + return { error, status }; +}; + +app.use((err, req, res, next) => { + const { error, status } = errorHandler(err); + + if (!res.locals) { + res.locals = {}; + } + if (Configuration.get('FEATURE_LOG_REQUEST') === true) { const reqInfo = { url: req.originalUrl || req.url, @@ -308,4 +312,10 @@ app.use((err, req, res, next) => { }); }); +process.on('unhandledRejection', (err, res, req, next) => { + const { error, status } = errorHandler(err); + error.message = `unhandledRejection: ${error.message}`; + logger.error(error); +}); + module.exports = app; diff --git a/helpers/logger.js b/helpers/logger.js index 11b56eb6f1..665ff10ae2 100644 --- a/helpers/logger.js +++ b/helpers/logger.js @@ -34,7 +34,7 @@ const logger = createLogger({ level: logLevel, format: formatter, handleExceptions: true, - handleRejections: true, + handleRejections: false, }), ], }); From 732ad3e633182b8b736e4eb4f234f2b3ce776797 Mon Sep 17 00:00:00 2001 From: virgilchiriac Date: Thu, 22 Aug 2024 17:16:46 +0200 Subject: [PATCH 3/3] fixes --- app.js | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/app.js b/app.js index 4a297e1ea0..bb60c1e2ab 100644 --- a/app.js +++ b/app.js @@ -247,9 +247,6 @@ const errorHandler = (err) => { if (error.options && error.options.headers) { delete error.options.headers; } - if (error.response && error.response.request && error.response.request.headers) { - delete error.response.request.headers; - } return { error, status }; }; @@ -312,8 +309,8 @@ app.use((err, req, res, next) => { }); }); -process.on('unhandledRejection', (err, res, req, next) => { - const { error, status } = errorHandler(err); +process.on('unhandledRejection', (err) => { + const { error } = errorHandler(err); error.message = `unhandledRejection: ${error.message}`; logger.error(error); });