在响应中始终包含err.Error()是否安全?

huangapple go评论78阅读模式
英文:

Is it always safe to include err.Error() in the response?

问题

示例:

err := Db.Find(&event, id).Error
if err != nil {
    c.JSON(500, err.Error())
    return
}

我担心它可能包含敏感信息。例如:当连接到数据库时,如果数据库凭据无效,我担心错误消息可能是这样的:"无效的用户名:sample和密码:xxx"

英文:

Example:

err := Db.Find(&event, id).Error
if err != nil {
    c.JSON(500, err.Error())
    return
}

I'm worried that it might include sensitive information. Example: when connecting to a database and the db credentials are invalid, I'm worried that the error message might be something like: "invalid username: sample and password: xxx"

答案1

得分: 3

你有效地回答了自己的问题:你指出它可能包含敏感信息,这意味着将它们包含在对用户可见的响应中并不总是安全的

它还可能包含与你的实现相关的信息(例如包名、类型名、调用层次结构),以及配置数据(例如服务器名、数据库名、用户名等),可能会暴露私密和敏感的架构和业务信息。

想一想:你是一个包的作者,你创建了函数/方法返回的error值(错误消息)。你创建了描述为什么请求的函数无法正常完成的详细错误消息,这些消息是为调用该函数/方法的开发人员(即开发者)而设计的,而不是为最终用户设计的——最终用户不应该知道底层发生了什么。

error.Error()消息是为开发人员准备的。它们在测试期间也非常有用。对于查找错误而言,它们是必不可少的。你不应该向用户显示这些消息,而是将其记录下来,并向用户提供更通用或用户友好的错误消息,告知他们开发团队已经收到通知并正在解决问题。显示原始错误消息可能会导致经验不足的用户困惑,并可能引发安全问题。

英文:

Effectively you answered your own question: you pointed out it may contain sensitive information which means it is not always safe to include them in responses visible to the users.

It may also contain information related to your implementation (e.g. package names, type names, call hierarchy), and also configuration data (e.g. server name, database name, user names etc.), potentially exposing private and sensitive architecture and business information.

Think about it: you're a package author and you create the error values (error messages) returned by your functions / methods. You create descriptive error messages describing why a requested function cannot complete normally, intended for the callers of that function/method (the developers), and not for the end users - who shouldn't know what's going on under the hood.

error.Error() messages are for the developers. They are also useful during testing. And they are indispensable for hunting down bugs. You should not show them to the users, instead log them to which you have access, and provide a more general or a user friendly error message to the users, ensuring them that the dev team has been notified and are looking into the problem. Showing original error messages may cause confusion in inexperienced users, and may raise security issues.

答案2

得分: 1

最好的方法是将错误写入错误日志,并为返回自定义数据库错误信息。

例如:

var (
    ErrEventNotFound = "未找到事件。"
)

err := Db.Find(&event, id).Error
if err != nil {
    // 写入日志文件
    c.JSON(500, ErrEventNotFound)
    return
}
英文:

The best way is to write to the error log, And custom database error info for return.

like:

var (
    ErrEventNotFound = "Event not found."
)

err := Db.Find(&event, id).Error
if err != nil {
    // Log to file
    c.JSON(500, ErrEventNotFound)
    return
}

huangapple
  • 本文由 发表于 2016年1月15日 17:19:32
  • 转载请务必保留本文链接:https://go.coder-hub.com/34807802.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定