lambda-proxy

Harden security by not exposing error messages

Open wchresta opened this issue 4 years ago • 0 comments

Currently, any error in a route will get exposed to the caller:

https://github.com/vincentsarago/lambda-proxy/blob/master/lambda_proxy/proxy.py#L697-L705:

        try:
            response = route_entry.endpoint(**function_kwargs)
        except Exception as err:
            self.log.error(str(err))
            response = (
                "ERROR",
                "application/json",
                json.dumps({"errorMessage": str(err)}),
            )

While this is very helpful during development and debugging, it has the potential of giving a malicious actor information the developer did not expect to expose. This issue is to argue for, and track, a feature which makes this behaviour optional and disabled by default.

Possible implementations could be:

  • An API property route_exception_handler with the signature Exception -> Optional[Response] which enables the user to choose how errors are exposed. (defaults to a handler returning an Internal server error message). If the function returns None, it would default to "Internal server error".
  • An API property verbose_error_responses: bool which controls how errors are returned (True would be the current implementation, False would be ("ERROR", "application/json", '{"errorMessage": "Internal server error"}')).

wchresta Apr 01 '21 15:04
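How the two proposed options could behave together, as an added example that is not part of the issue or of lambda-proxy's own code: `call_route` is a stand-in for the try/except quoted above, and `error_response`, `PublicError`, `public_only` and the two endpoints are hypothetical names constructed for the demonstration.

```python
import json
import logging
from typing import Callable, Optional, Tuple

Response = Tuple[str, str, str]  # (status, content type, body), as in the excerpt
log = logging.getLogger("route_errors_example")


def error_response(message: str) -> Response:
    return ("ERROR", "application/json", json.dumps({"errorMessage": message}))


class PublicError(Exception):
    """Hypothetical marker for errors whose message is safe to show callers."""


def public_only(err: Exception) -> Optional[Response]:
    """Sample route_exception_handler: expose only PublicError messages."""
    if isinstance(err, PublicError):
        return error_response(str(err))
    return None  # anything else falls back to the generic message


def call_route(endpoint: Callable[..., Response], function_kwargs: dict,
               route_exception_handler: Optional[Callable] = None,
               verbose_error_responses: bool = False) -> Response:
    """Stand-in for the quoted try/except, with both proposed options."""
    try:
        return endpoint(**function_kwargs)
    except Exception as err:
        log.error("route failed: %s", err, exc_info=True)  # detail stays server-side
        if verbose_error_responses:  # current behaviour, now opt-in
            return error_response(str(err))
        custom = None
        if route_exception_handler is not None:
            try:
                custom = route_exception_handler(err)
            except Exception:  # a failing handler must not leak details either
                log.exception("route_exception_handler raised")
        return custom if custom is not None else error_response("Internal server error")


def leaky(user):  # constructed endpoint whose error text carries a secret
    raise RuntimeError(f"connect failed: postgres://app:s3cret@db.internal/{user}")


def validated(user):  # constructed endpoint raising a caller-safe error
    raise PublicError("user must be alphanumeric")
```

With the defaults, the `leaky` failure reaches the caller only as "Internal server error", while the full message and traceback still go to the log.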