cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Incorrect documentation regarding "Error Sanitization"?

gregorw
Active Contributor

on ‎02-07-2023 7:18 AM

0 Kudos

Hello CAP Community,

the documentation on req.error, notify, info, warn (code?, msg, target?, args?) has a section Error Sanitization. There there behaviour of CAP in a production environment ( NODE_ENV=production ) is described. The documentation contains this sentence:

"Errors defined by app developers are not sanitized and returned to the client unchanged."

I've tested the behaviour in my sample project bookshop-demo. When I use (srv/admin-service.js#L689😞

req.error

and I run in production, I see the following behaviour:

I select the Order No. 9:

and click "Check Consistency V4". The Pop-Up is:

When I test Order No. 7. where the implementation uses req.info but sets numericSeverity = 4 I see this behavour:

I think the statement "Errors defined by app developers are not sanitized and returned to the client unchanged." isn't correct or?

Best Regards
Gregor

cc: rene.jeglinsky

Show replies
Show replies
René
Product and Topic Expert
Product and Topic Expert
‎02-07-2023 4:16 PM

Hi Gregor,

thanks for reporting this. We'll get back to you soon.

All the best,

René

gregorw
Active Contributor
‎03-07-2023 10:00 PM

Hi rene.jeglinsky,

do you have any update on this topic?

Best Regards
Gregor

Answer

Accepted Solutions (0)

Answers (2)

Answers (2)

René
Product and Topic Expert
Product and Topic Expert
5 hours ago
0 Kudos

Hi @gregorw ,

I'm sorry if I missed it, but have you added the status to your error message? This is required and the docs are not very specific about that. If this is the issue, we'll surely fix it!

Regards,
René

Show replies
Show replies
nicorunge
Participant
4 hours ago
0 Kudos

Hi @René,

I still cannot bring these two sentences together.

"Hence, we sanitize all server-side errors thrown by the CAP framework. That is, all errors with a 5xx status code"

"Errors defined by app developers aren't sanitized and returned to the client unchanged."

Does this mean, it's not sanitized when setting any status, or only for status 4xx?

Thanks,
Nico

CatalinChiuaru
Explorer
3 weeks ago
0 Kudos

Hello Gregor,

I have the same issue as you had in the past - locally the error message is shown properly on the SAP Fiori app, but in production (on BTP) the generic internal server error appears.

Was it possible to solve it in your case and if yes, could you please provide some small instructions on how you fixed it?

Thank you very much,

Cata

Show replies
Show replies
nicorunge
Participant
Tuesday
0 Kudos
It seems that this problem still exists.
Ask a Question