strong-error-handler 2.0.0 → 2.3.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.github/ISSUE_TEMPLATE.md +22 -21
- package/.github/PULL_REQUEST_TEMPLATE.md +5 -4
- package/CHANGES.md +34 -0
- package/CODEOWNERS +5 -0
- package/LICENSE.md +1 -1
- package/README.md +3 -1
- package/lib/content-negotiation.js +12 -0
- package/package.json +4 -4
- package/views/default-error.ejs +4 -4
- package/.npmignore +0 -35
|
@@ -1,36 +1,37 @@
|
|
|
1
1
|
<!--
|
|
2
|
-
|
|
2
|
+
Questions:
|
|
3
|
+
https://groups.google.com/forum/#!forum/loopbackjs
|
|
3
4
|
https://gitter.im/strongloop/loopback
|
|
4
|
-
|
|
5
|
-
- Immediate support is available through our subscription plans, see
|
|
5
|
+
Immediate support:
|
|
6
6
|
https://strongloop.com/api-connect-faqs/
|
|
7
|
+
https://strongloop.com/node-js/subscription-plans/
|
|
7
8
|
-->
|
|
8
9
|
|
|
9
|
-
|
|
10
|
+
# Description/Steps to reproduce
|
|
10
11
|
|
|
11
12
|
<!--
|
|
12
|
-
|
|
13
|
+
If feature: A description of the feature
|
|
14
|
+
If bug: Steps to reproduce
|
|
13
15
|
-->
|
|
14
16
|
|
|
15
|
-
|
|
16
|
-
- [ ] Feature request
|
|
17
|
-
|
|
18
|
-
### Description of feature (or steps to reproduce if bug)
|
|
19
|
-
|
|
20
|
-
|
|
21
|
-
|
|
22
|
-
### Link to sample repo to reproduce issue (if bug)
|
|
23
|
-
|
|
24
|
-
|
|
25
|
-
|
|
26
|
-
### Expected result
|
|
17
|
+
# Link to reproduction sandbox
|
|
27
18
|
|
|
19
|
+
<!--
|
|
20
|
+
Link to an app sandbox for reproduction
|
|
28
21
|
|
|
22
|
+
Note: Failure to provide a sandbox application for reproduction purposes will result in the issue being closed.
|
|
23
|
+
-->
|
|
29
24
|
|
|
30
|
-
|
|
31
|
-
|
|
32
|
-
|
|
25
|
+
# Expected result
|
|
33
26
|
|
|
34
|
-
|
|
27
|
+
<!--
|
|
28
|
+
Also include actual results if bug
|
|
29
|
+
-->
|
|
35
30
|
|
|
31
|
+
# Additional information
|
|
36
32
|
|
|
33
|
+
<!--
|
|
34
|
+
Copy+paste the output of these two commands:
|
|
35
|
+
node -e 'console.log(process.platform, process.arch, process.versions.node)'
|
|
36
|
+
npm ls --prod --depth 0 | grep loopback
|
|
37
|
+
-->
|
|
@@ -6,17 +6,18 @@
|
|
|
6
6
|
<!--
|
|
7
7
|
Please use the following link syntaxes:
|
|
8
8
|
|
|
9
|
-
- #49 (to reference issues in the current repository)
|
|
10
|
-
- strongloop/loopback#49 (to reference issues in another repository)
|
|
9
|
+
- connect to #49 (to reference issues in the current repository)
|
|
10
|
+
- connect to strongloop/loopback#49 (to reference issues in another repository)
|
|
11
11
|
-->
|
|
12
12
|
|
|
13
|
-
-
|
|
13
|
+
- connect to <link_to_referenced_issue>
|
|
14
14
|
|
|
15
15
|
### Checklist
|
|
16
16
|
|
|
17
17
|
<!--
|
|
18
|
-
Please mark your choice with an "x" (i.e. [x], see
|
|
18
|
+
- Please mark your choice with an "x" (i.e. [x], see
|
|
19
19
|
https://github.com/blog/1375-task-lists-in-gfm-issues-pulls-comments)
|
|
20
|
+
- PR's without test coverage will be closed.
|
|
20
21
|
-->
|
|
21
22
|
|
|
22
23
|
- [ ] New tests added or existing tests modified to cover all changes
|
package/CHANGES.md
CHANGED
|
@@ -1,3 +1,37 @@
|
|
|
1
|
+
2018-01-25, Version 2.3.1
|
|
2
|
+
=========================
|
|
3
|
+
|
|
4
|
+
* Escape strings in HTML output (XSS fix) (Zachery Metcalf)
|
|
5
|
+
|
|
6
|
+
* Update LICENSE.md (Diana Lau)
|
|
7
|
+
|
|
8
|
+
|
|
9
|
+
2017-10-13, Version 2.3.0
|
|
10
|
+
=========================
|
|
11
|
+
|
|
12
|
+
* update strong-globalize to 3.1.0 (shimks)
|
|
13
|
+
|
|
14
|
+
* CODEOWNERS: add zbarbuto (Miroslav Bajtoš)
|
|
15
|
+
|
|
16
|
+
* Update Issue and PR Templates (#59) (Sakib Hasan)
|
|
17
|
+
|
|
18
|
+
* fixed json typo of server/middleware.json (karanssj4)
|
|
19
|
+
|
|
20
|
+
* Add CODEOWNER file (Diana Lau)
|
|
21
|
+
|
|
22
|
+
|
|
23
|
+
2017-07-20, Version 2.2.0
|
|
24
|
+
=========================
|
|
25
|
+
|
|
26
|
+
* Add new option: negotiateContentType (Raj)
|
|
27
|
+
|
|
28
|
+
|
|
29
|
+
2017-04-18, Version 2.1.0
|
|
30
|
+
=========================
|
|
31
|
+
|
|
32
|
+
* Bump js2xmlparser dependency to version 3.0.0 (Matthew O'Donoghue)
|
|
33
|
+
|
|
34
|
+
|
|
1
35
|
2017-03-22, Version 2.0.0
|
|
2
36
|
=========================
|
|
3
37
|
|
package/CODEOWNERS
ADDED
package/LICENSE.md
CHANGED
package/README.md
CHANGED
|
@@ -82,6 +82,8 @@ The content type of the response depends on the request's `Accepts` header.
|
|
|
82
82
|
| debug | Boolean | `false` | If `true`, HTTP responses include all error properties, including sensitive data such as file paths, URLs and stack traces. See [Example output](#example) below. |
|
|
83
83
|
| log | Boolean | `true` | If `true`, all errors are printed via `console.error`, including an array of fields (custom error properties) that are safe to include in response messages (both 4xx and 5xx). <br/> If `false`, sends only the error back in the response. |
|
|
84
84
|
| safeFields | [String] | `[]` | Specifies property names on errors that are allowed to be passed through in 4xx and 5xx responses. See [Safe error fields](#safe-error-fields) below. |
|
|
85
|
+
| defaultType | String | `"json"` | Specify the default response content type to use when the client does not provide any Accepts header.
|
|
86
|
+
| negotiateContentType | Boolean | true | Negotiate the response content type via Accepts request header. When disabled, strong-error-handler will always use the default content type when producing responses. Disabling content type negotiation is useful if you want to see JSON-formatted error responses in browsers, because browsers usually prefer HTML and XML over other content types.
|
|
85
87
|
|
|
86
88
|
### Customizing log format
|
|
87
89
|
|
|
@@ -119,7 +121,7 @@ Then in `server/middleware.json`, specify your custom error logging function as
|
|
|
119
121
|
"./middleware/error-logger": {},
|
|
120
122
|
"strong-error-handler": {
|
|
121
123
|
"params": {
|
|
122
|
-
log: false
|
|
124
|
+
"log": false
|
|
123
125
|
}
|
|
124
126
|
}
|
|
125
127
|
}
|
|
@@ -56,6 +56,18 @@ function negotiateContentProducer(req, logWarning, options) {
|
|
|
56
56
|
debug('Resolved content-type', resolvedContentType);
|
|
57
57
|
var contentType = resolvedContentType || defaultType;
|
|
58
58
|
|
|
59
|
+
if (options.negotiateContentType === false) {
|
|
60
|
+
if (SUPPORTED_TYPES.indexOf(options.defaultType) > -1) {
|
|
61
|
+
debug('Forcing options.defaultType `%s`',
|
|
62
|
+
options.defaultType);
|
|
63
|
+
contentType = options.defaultType;
|
|
64
|
+
} else {
|
|
65
|
+
debug('contentType: `%s` is not supported, ' +
|
|
66
|
+
'falling back to contentType: `%s`',
|
|
67
|
+
options.defaultType, contentType);
|
|
68
|
+
}
|
|
69
|
+
}
|
|
70
|
+
|
|
59
71
|
// to receive _format from user's url param to overide the content type
|
|
60
72
|
// req.query (eg /api/Users/1?_format=json will overide content negotiation
|
|
61
73
|
// https://github.com/strongloop/strong-remoting/blob/ac3093dcfbb787977ca0229b0f672703859e52e1/lib/http-context.js#L643-L645
|
package/package.json
CHANGED
|
@@ -2,7 +2,7 @@
|
|
|
2
2
|
"name": "strong-error-handler",
|
|
3
3
|
"description": "Error handler for use in development and production environments.",
|
|
4
4
|
"license": "MIT",
|
|
5
|
-
"version": "2.
|
|
5
|
+
"version": "2.3.1",
|
|
6
6
|
"engines": {
|
|
7
7
|
"node": ">=4"
|
|
8
8
|
},
|
|
@@ -19,10 +19,10 @@
|
|
|
19
19
|
"dependencies": {
|
|
20
20
|
"accepts": "^1.3.3",
|
|
21
21
|
"debug": "^2.2.0",
|
|
22
|
-
"ejs": "^2.
|
|
22
|
+
"ejs": "^2.5.7",
|
|
23
23
|
"http-status": "^1.0.0",
|
|
24
|
-
"js2xmlparser": "^
|
|
25
|
-
"strong-globalize": "^
|
|
24
|
+
"js2xmlparser": "^3.0.0",
|
|
25
|
+
"strong-globalize": "^3.1.0"
|
|
26
26
|
},
|
|
27
27
|
"devDependencies": {
|
|
28
28
|
"chai": "^3.5.0",
|
package/views/default-error.ejs
CHANGED
|
@@ -1,19 +1,19 @@
|
|
|
1
1
|
<html>
|
|
2
2
|
<head>
|
|
3
3
|
<meta charset='utf-8'>
|
|
4
|
-
<title
|
|
4
|
+
<title><%= data.name || data.message %></title>
|
|
5
5
|
<style><%- include style.css %></style>
|
|
6
6
|
</head>
|
|
7
7
|
<body>
|
|
8
8
|
<div id="wrapper">
|
|
9
|
-
<h1
|
|
10
|
-
<h2><em
|
|
9
|
+
<h1><%= data.name %></h1>
|
|
10
|
+
<h2><em><%= data.statusCode %></em> <%= data.message %></h2>
|
|
11
11
|
<%
|
|
12
12
|
// display all the non-standard properties
|
|
13
13
|
var standardProps = ['name', 'statusCode', 'message', 'stack'];
|
|
14
14
|
for (var prop in data) {
|
|
15
15
|
if (standardProps.indexOf(prop) == -1 && data[prop]) { %>
|
|
16
|
-
<div><b
|
|
16
|
+
<div><b><%= prop %></b>: <%= data[prop] %></div>
|
|
17
17
|
<% }
|
|
18
18
|
}
|
|
19
19
|
if (data.stack) { %>
|
package/.npmignore
DELETED
|
@@ -1,35 +0,0 @@
|
|
|
1
|
-
# Logs
|
|
2
|
-
logs
|
|
3
|
-
*.log
|
|
4
|
-
npm-debug.log*
|
|
5
|
-
|
|
6
|
-
# Runtime data
|
|
7
|
-
pids
|
|
8
|
-
*.pid
|
|
9
|
-
*.seed
|
|
10
|
-
|
|
11
|
-
# Directory for instrumented libs generated by jscoverage/JSCover
|
|
12
|
-
lib-cov
|
|
13
|
-
|
|
14
|
-
# Coverage directory used by tools like istanbul
|
|
15
|
-
coverage
|
|
16
|
-
|
|
17
|
-
# Grunt intermediate storage (http://gruntjs.com/creating-plugins#storing-task-files)
|
|
18
|
-
.grunt
|
|
19
|
-
|
|
20
|
-
# node-waf configuration
|
|
21
|
-
.lock-wscript
|
|
22
|
-
|
|
23
|
-
# Compiled binary addons (http://nodejs.org/api/addons.html)
|
|
24
|
-
build/Release
|
|
25
|
-
|
|
26
|
-
# Dependency directory
|
|
27
|
-
node_modules
|
|
28
|
-
|
|
29
|
-
# Optional npm cache directory
|
|
30
|
-
.npm
|
|
31
|
-
|
|
32
|
-
# Optional REPL history
|
|
33
|
-
.node_repl_history
|
|
34
|
-
test
|
|
35
|
-
.travis.yml
|