Document how to handle exceptions when passing the messages to Frontend
Problem to solve
Today we don't have good practices for handling exceptions from third parties (like external HTTP clients).
Sometimes we pass an unsanitized e.message
directly to the frontend, which in the past resulted in exposing
confidential data from our infrastructure.
Proposal
I think that we should prepare practices where we propose to:
- Log the exception to a secure target (log file or Sentry),
- Return to the frontend generic information, including the Correlation ID,
- Allow at most the numeric HTTP Status Code to be returned to the frontend.
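The three points above, as an added example (not GitLab code): a wrapper that logs the full exception to a secure sink and hands the frontend only a generic message, the correlation ID and the numeric status. `UpstreamError`, `fetch_from_registry` and `safe_call` are assumed names; the client error message is constructed.

```ruby
require 'securerandom'
require 'logger'

# Hypothetical error type raised by an external client. Its message carries
# internal details (host names, credentials) that must never reach the UI.
class UpstreamError < StandardError
  attr_reader :status

  def initialize(msg, status)
    super(msg)
    @status = status
  end
end

# Constructed stand-in for a third-party HTTP client call that fails.
def fetch_from_registry
  raise UpstreamError.new(
    '401 Unauthorized from https://admin:s3cret@registry.internal.example/v2/', 401
  )
end

GENERIC_MESSAGE = 'Upstream request failed'.freeze

# Runs the block. On failure the full exception goes only to the secure
# logger, keyed by correlation_id; the caller (and thus the frontend) gets a
# generic body, the correlation ID and at most the numeric HTTP status.
def safe_call(logger, correlation_id: SecureRandom.uuid)
  { body: yield, status: 200, correlation_id: correlation_id }
rescue StandardError => e
  # Errors that do not carry an upstream status map to a plain 500.
  status = e.respond_to?(:status) ? e.status : 500
  logger.error(
    "correlation_id=#{correlation_id} status=#{status} #{e.class}: #{e.message}"
  )
  { body: { message: GENERIC_MESSAGE, correlation_id: correlation_id },
    status: status, correlation_id: correlation_id }
end
```

The log line is the only place where `e.message` appears, so the log target must be access-controlled; the response hash can be serialized to the frontend as-is.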
Links / references
cc @gitlab-com/gl-security @andrewn Any thoughts?
Edited by Kamil Trzciński