npm - strong-error-handler - Versions diffs - 3.4.0 → 3.5.0 - Mend

strong-error-handler 3.4.0 → 3.5.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (11) hide show

package/CHANGES.md CHANGED Viewed

@@ -1,3 +1,11 @@
+2020-06-23, Version 3.5.0
+=========================
+ * feat: add options.rootProperty for json/xml (Raymond Feng)
+ * chore: update deps and drop Node 8.x support (Raymond Feng)
 2019-10-12, Version 3.4.0
 =========================

package/README.md CHANGED Viewed

@@ -14,9 +14,9 @@ In debug mode, `strong-error-handler` returns full error stack traces and intern
 ## Supported versions
-Current|Long Term Support|Maintenance
-:-:|:-:|:-:
-3.x|2.x|1.x
+| Current | Long Term Support | Maintenance |
+| :-----: | :---------------: | :---------: |
+|   4.x   |        3.x        |     2.x     |
 Learn more about our LTS plan in [docs](http://loopback.io/doc/en/contrib/Long-term-support.html).
@@ -108,24 +108,25 @@ The content type of the response depends on the request's `Accepts` header.
 ## Options
-| Option | Type | Default | Description |
-| ---- | ---- | ---- | ---- |
-| debug | Boolean&nbsp;&nbsp;&nbsp; | `false` | If `true`, HTTP responses include all error properties, including sensitive data such as file paths, URLs and stack traces. See [Example output](#example) below. |
-| log | Boolean | `true` |  If `true`, all errors are printed via `console.error`, including an array of fields (custom error properties) that are safe to include in response messages (both 4xx and 5xx). <br/> If `false`, sends only the error back in the response. |
-| safeFields | [String] | `[]` |  Specifies property names on errors that are allowed to be passed through in 4xx and 5xx responses. See [Safe error fields](#safe-error-fields) below. |
-| defaultType | String | `"json"` | Specify the default response content type to use when the client does not provide any Accepts header.
-| negotiateContentType | Boolean | true | Negotiate the response content type via Accepts request header. When disabled, strong-error-handler will always use the default content type when producing responses. Disabling content type negotiation is useful if you want to see JSON-formatted error responses in browsers, because browsers usually prefer HTML and XML over other content types.
+| Option               | Type                      | Default   | Description                                                                                                                                                                                                                                                                                                                                               |
+| -------------------- | ------------------------- | --------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
+| debug                | Boolean&nbsp;&nbsp;&nbsp; | `false`   | If `true`, HTTP responses include all error properties, including sensitive data such as file paths, URLs and stack traces. See [Example output](#example) below.                                                                                                                                                                                         |
+| log                  | Boolean                   | `true`    | If `true`, all errors are printed via `console.error`, including an array of fields (custom error properties) that are safe to include in response messages (both 4xx and 5xx). <br/> If `false`, sends only the error back in the response.                                                                                                              |
+| safeFields           | [String]                  | `[]`      | Specifies property names on errors that are allowed to be passed through in 4xx and 5xx responses. See [Safe error fields](#safe-error-fields) below.                                                                                                                                                                                                     |
+| defaultType          | String                    | `"json"`  | Specifies the default response content type to use when the client does not provide any Accepts header.                                                                                                                                                                                                                                                   |
+| rootProperty         | String or false           | `"error"` | Specifies the root property name for json or xml. If the value is set to `false`, no wrapper will be added to the json object. The false value is ignored by XML as a root element is always required.                                                                                                                                                    |
+| negotiateContentType | Boolean                   | true      | Negotiate the response content type via Accepts request header. When disabled, strong-error-handler will always use the default content type when producing responses. Disabling content type negotiation is useful if you want to see JSON-formatted error responses in browsers, because browsers usually prefer HTML and XML over other content types. |
 ### Customizing log format
-**Express**
+**Express**
-To use a different log format, add your own custom error-handling middleware then disable `errorHandler.log`.
+To use a different log format, add your own custom error-handling middleware then disable `errorHandler.log`.
 For example, in an Express application:
 ```js
 app.use(myErrorLogger());
-app.use(errorHandler({ log: false }));
+app.use(errorHandler({log: false}));
 ```
 In general, add `strong-error-handler` as the last middleware function, just before calling `app.listen()`.
@@ -234,7 +235,7 @@ To migrate a LoopBack 2.x application to use `strong-error-handler`:
     }
 </pre>
-For more information, see
+For more information, see
 [Migrating apps to LoopBack 3.0](http://loopback.io/doc/en/lb3/Migrating-to-3.0.html#update-use-of-rest-error-handler).
 ## Example
@@ -252,17 +253,17 @@ The same error generated when `debug: true` :
   { statusCode: 500,
   name: 'Error',
   message: 'a test error message',
-  stack: 'Error: a test error message
-  at Context.<anonymous> (User/strong-error-handler/test/handler.test.js:220:21)
-  at callFnAsync (User/strong-error-handler/node_modules/mocha/lib/runnable.js:349:8)
-  at Test.Runnable.run (User/strong-error-handler/node_modules/mocha/lib/runnable.js:301:7)
-  at Runner.runTest (User/strong-error-handler/node_modules/mocha/lib/runner.js:422:10)
-  at User/strong-error-handler/node_modules/mocha/lib/runner.js:528:12
-  at next (User/strong-error-handler/node_modules/mocha/lib/runner.js:342:14)
-  at User/strong-error-handler/node_modules/mocha/lib/runner.js:352:7
-  at next (User/strong-error-handler/node_modules/mocha/lib/runner.js:284:14)
-  at Immediate._onImmediate (User/strong-error-handler/node_modules/mocha/lib/runner.js:320:5)
-  at tryOnImmediate (timers.js:543:15)
+  stack: 'Error: a test error message
+  at Context.<anonymous> (User/strong-error-handler/test/handler.test.js:220:21)
+  at callFnAsync (User/strong-error-handler/node_modules/mocha/lib/runnable.js:349:8)
+  at Test.Runnable.run (User/strong-error-handler/node_modules/mocha/lib/runnable.js:301:7)
+  at Runner.runTest (User/strong-error-handler/node_modules/mocha/lib/runner.js:422:10)
+  at User/strong-error-handler/node_modules/mocha/lib/runner.js:528:12
+  at next (User/strong-error-handler/node_modules/mocha/lib/runner.js:342:14)
+  at User/strong-error-handler/node_modules/mocha/lib/runner.js:352:7
+  at next (User/strong-error-handler/node_modules/mocha/lib/runner.js:284:14)
+  at Immediate._onImmediate (User/strong-error-handler/node_modules/mocha/lib/runner.js:320:5)
+  at tryOnImmediate (timers.js:543:15)
   at processImmediate [as _immediateCallback] (timers.js:523:5)' }}
 ```

package/index.d.ts CHANGED Viewed

@@ -53,6 +53,7 @@ declare namespace errorHandlerFactory {
     safeFields?: string[];
     defaultType?: string;
     negotiateContentType?: boolean;
+    rootProperty?: string | false;
   }
   /**

package/lib/handler.js CHANGED Viewed

@@ -10,7 +10,6 @@ const SG = require('strong-globalize');
 SG.SetRootDir(path.resolve(__dirname, '..'));
 const buildResponseData = require('./data-builder');
 const debug = require('debug')('strong-error-handler');
-const format = require('util').format;
 const logToConsole = require('./logger');
 const negotiateContentProducer = require('./content-negotiation');
@@ -50,7 +49,7 @@ function writeErrorToResponse(err, req, res, options) {
   options = options || {};
-  if (res._header) {
+  if (res.headersSent) {
     debug('Response was already sent, closing the underlying connection');
     return req.socket.destroy();
   }
@@ -66,7 +65,7 @@ function writeErrorToResponse(err, req, res, options) {
   res.statusCode = data.statusCode;
   const sendResponse = negotiateContentProducer(req, warn, options);
-  sendResponse(res, data);
+  sendResponse(res, data, options);
   function warn(msg) {
     res.header('X-Warning', msg);

package/lib/send-html.js CHANGED Viewed

@@ -17,10 +17,10 @@ const compiledTemplates = {
 module.exports = sendHtml;
 function sendHtml(res, data, options) {
-  const toRender = {options: {}, data: data};
+  const toRender = {options, data};
   // TODO: ability to call non-default template functions from options
   const body = compiledTemplates.default(toRender);
-  sendReponse(res, body);
+  sendResponse(res, body);
 }
 /**
@@ -41,7 +41,7 @@ function loadDefaultTemplates() {
   return compileTemplate(defaultTemplate);
 }
-function sendReponse(res, body) {
+function sendResponse(res, body) {
   res.setHeader('Content-Type', 'text/html; charset=utf-8');
   res.end(body);
 }

package/lib/send-json.js CHANGED Viewed

@@ -7,8 +7,14 @@
 const safeStringify = require('fast-safe-stringify');
-module.exports = function sendJson(res, data) {
-  const content = safeStringify({error: data});
+module.exports = function sendJson(res, data, options) {
+  options = options || {};
+  // Set `options.rootProperty` to not wrap the data into an `error` object
+  const err = options.rootProperty === false ? data : {
+    // Use `options.rootProperty`, if not set, default to `error`
+    [options.rootProperty || 'error']: data,
+  };
+  const content = safeStringify(err);
   res.setHeader('Content-Type', 'application/json; charset=utf-8');
   res.end(content, 'utf-8');
 };

package/lib/send-xml.js CHANGED Viewed

@@ -7,8 +7,12 @@
 const js2xmlparser = require('js2xmlparser');
-module.exports = function sendXml(res, data) {
-  const content = js2xmlparser.parse('error', data);
+module.exports = function sendXml(res, data, options) {
+  options = options || {};
+  // Xml always requires a root element.
+  // `options.rootProperty === false` is not honored
+  const root = options.rootProperty || 'error';
+  const content = js2xmlparser.parse(root, data);
   res.setHeader('Content-Type', 'text/xml; charset=utf-8');
   res.end(content, 'utf-8');
 };

package/package.json CHANGED Viewed

@@ -2,9 +2,9 @@
   "name": "strong-error-handler",
   "description": "Error handler for use in development and production environments.",
   "license": "MIT",
-  "version": "3.4.0",
+  "version": "3.5.0",
   "engines": {
-    "node": ">=8"
+    "node": ">=10"
   },
   "repository": {
     "type": "git",
@@ -20,18 +20,18 @@
     "@types/express": "^4.16.0",
     "accepts": "^1.3.3",
     "debug": "^4.1.1",
-    "ejs": "^2.6.1",
+    "ejs": "^3.1.3",
     "fast-safe-stringify": "^2.0.6",
     "http-status": "^1.1.2",
     "js2xmlparser": "^4.0.0",
-    "strong-globalize": "^5.0.2"
+    "strong-globalize": "^6.0.1"
   },
   "devDependencies": {
     "chai": "^4.1.2",
-    "eslint": "^6.5.1",
+    "eslint": "^7.0.0",
     "eslint-config-loopback": "^13.1.0",
     "express": "^4.16.3",
-    "mocha": "^6.2.1",
+    "mocha": "^7.1.2",
     "supertest": "^4.0.2"
   },
   "browser": {

package/views/default-error.ejs CHANGED Viewed

@@ -2,7 +2,7 @@
   <head>
     <meta charset='utf-8'>
     <title><%= data.name || data.message %></title>
-    <style><%- include style.css %></style>
+    <style><%- include('style.css') %></style>
   </head>
   <body>
     <div id="wrapper">

package/.travis.yml DELETED Viewed

@@ -1,6 +0,0 @@
-sudo: false
-language: node_js
-node_js:
-  - "8"
-  - "10"
-  - "12"

package/test/handler.test.js DELETED Viewed

@@ -1,942 +0,0 @@
-// Copyright IBM Corp. 2016,2018. All Rights Reserved.
-// Node module: strong-error-handler
-// This file is licensed under the MIT License.
-// License text available at https://opensource.org/licenses/MIT
-'use strict';
-const cloneAllProperties = require('../lib/clone.js');
-const debug = require('debug')('test');
-const expect = require('chai').expect;
-const express = require('express');
-const strongErrorHandler = require('..');
-const supertest = require('supertest');
-const util = require('util');
-describe('strong-error-handler', function() {
-  before(setupHttpServerAndClient);
-  beforeEach(resetRequestHandler);
-  after(stopHttpServerAndClient);
-  it('sets nosniff header', function(done) {
-    givenErrorHandlerForError();
-    request.get('/')
-      .expect('X-Content-Type-Options', 'nosniff')
-      .expect(500, done);
-  });
-  it('handles response headers already sent', function(done) {
-    givenErrorHandlerForError();
-    const handler = _requestHandler;
-    _requestHandler = function(req, res, next) {
-      res.end('empty');
-      process.nextTick(function() {
-        handler(req, res, next);
-      });
-    };
-    request.get('/').expect(200, 'empty', done);
-  });
-  context('status code', function() {
-    it('converts non-error "err.status" to 500', function(done) {
-      givenErrorHandlerForError(new ErrorWithProps({status: 200}));
-      request.get('/').expect(500, done);
-    });
-    it('converts non-error "err.statusCode" to 500', function(done) {
-      givenErrorHandlerForError(new ErrorWithProps({statusCode: 200}));
-      request.get('/').expect(500, done);
-    });
-    it('uses the value from "err.status"', function(done) {
-      givenErrorHandlerForError(new ErrorWithProps({status: 404}));
-      request.get('/').expect(404, done);
-    });
-    it('uses the value from "err.statusCode"', function(done) {
-      givenErrorHandlerForError(new ErrorWithProps({statusCode: 404}));
-      request.get('/').expect(404, done);
-    });
-    it('prefers "err.statusCode" over "err.status"', function(done) {
-      givenErrorHandlerForError(new ErrorWithProps({
-        statusCode: 400,
-        status: 404,
-      }));
-      request.get('/').expect(400, done);
-    });
-    it('handles error from `res.statusCode`', function(done) {
-      givenErrorHandlerForError();
-      const handler = _requestHandler;
-      _requestHandler = function(req, res, next) {
-        res.statusCode = 507;
-        handler(req, res, next);
-      };
-      request.get('/').expect(
-        507,
-        {error: {statusCode: 507, message: 'Insufficient Storage'}},
-        done
-      );
-    });
-  });
-  context('logging', function() {
-    let logs;
-    beforeEach(redirectConsoleError);
-    afterEach(restoreConsoleError);
-    it('logs by default', function(done) {
-      givenErrorHandlerForError(new Error(), {
-        // explicitly set to undefined to prevent givenErrorHandlerForError
-        // from disabling this option
-        log: undefined,
-      });
-      request.get('/').end(function(err) {
-        if (err) return done(err);
-        expect(logs).to.have.length(1);
-        done();
-      });
-    });
-    it('honours options.log=false', function(done) {
-      givenErrorHandlerForError(new Error(), {log: false});
-      request.get('/api').end(function(err) {
-        if (err) return done(err);
-        expect(logs).to.have.length(0);
-        done();
-      });
-    });
-    it('honours options.log=true', function(done) {
-      givenErrorHandlerForError(new Error(), {log: true});
-      request.get('/api').end(function(err) {
-        if (err) return done(err);
-        expect(logs).to.have.length(1);
-        done();
-      });
-    });
-    it('includes relevant information in the log message', function(done) {
-      givenErrorHandlerForError(new TypeError('ERROR-NAME'), {log: true});
-      request.get('/api').end(function(err) {
-        if (err) return done(err);
-        const msg = logs[0];
-        // the request method
-        expect(msg).to.contain('GET');
-        // the request path
-        expect(msg).to.contain('/api');
-        // the error name & message
-        expect(msg).to.contain('TypeError: ERROR-NAME');
-        // the stack
-        expect(msg).to.contain(__filename);
-        done();
-      });
-    });
-    it('handles array argument', function(done) {
-      givenErrorHandlerForError(
-        [new TypeError('ERR1'), new Error('ERR2')],
-        {log: true}
-      );
-      request.get('/api').end(function(err) {
-        if (err) return done(err);
-        const msg = logs[0];
-        // the request method
-        expect(msg).to.contain('GET');
-        // the request path
-        expect(msg).to.contain('/api');
-        // the error name & message for all errors
-        expect(msg).to.contain('TypeError: ERR1');
-        expect(msg).to.contain('Error: ERR2');
-        // verify that stacks are included too
-        expect(msg).to.contain(__filename);
-        done();
-      });
-    });
-    it('handles non-Error argument', function(done) {
-      givenErrorHandlerForError('STRING ERROR', {log: true});
-      request.get('/').end(function(err) {
-        if (err) return done(err);
-        const msg = logs[0];
-        expect(msg).to.contain('STRING ERROR');
-        done();
-      });
-    });
-    const _consoleError = console.error;
-    function redirectConsoleError() {
-      logs = [];
-      console.error = function() {
-        const msg = util.format.apply(util, arguments);
-        logs.push(msg);
-      };
-    }
-    function restoreConsoleError() {
-      console.error = _consoleError;
-      logs = [];
-    }
-  });
-  context('JSON response', function() {
-    it('contains all error properties when debug=true', function(done) {
-      const error = new ErrorWithProps({
-        message: 'a test error message',
-        code: 'MACHINE_READABLE_CODE',
-        details: 'some details',
-        extra: 'sensitive data',
-      });
-      givenErrorHandlerForError(error, {debug: true});
-      requestJson().end(function(err, res) {
-        if (err) return done(err);
-        const expectedData = {
-          statusCode: 500,
-          message: 'a test error message',
-          name: 'ErrorWithProps',
-          code: 'MACHINE_READABLE_CODE',
-          details: 'some details',
-          extra: 'sensitive data',
-          stack: error.stack,
-        };
-        expect(res.body).to.have.property('error');
-        expect(res.body.error).to.eql(expectedData);
-        done();
-      });
-    });
-    it('includes code property for 4xx status codes when debug=false',
-      function(done) {
-        const error = new ErrorWithProps({
-          statusCode: 400,
-          message: 'error with code',
-          name: 'ErrorWithCode',
-          code: 'MACHINE_READABLE_CODE',
-        });
-        givenErrorHandlerForError(error, {debug: false});
-        requestJson().end(function(err, res) {
-          if (err) return done(err);
-          const expectedData = {
-            statusCode: 400,
-            message: 'error with code',
-            name: 'ErrorWithCode',
-            code: 'MACHINE_READABLE_CODE',
-          };
-          expect(res.body).to.have.property('error');
-          expect(res.body.error).to.eql(expectedData);
-          done();
-        });
-      });
-    it('excludes code property for 5xx status codes when debug=false',
-      function(done) {
-        const error = new ErrorWithProps({
-          statusCode: 500,
-          code: 'MACHINE_READABLE_CODE',
-        });
-        givenErrorHandlerForError(error, {debug: false});
-        requestJson().end(function(err, res) {
-          if (err) return done(err);
-          const expectedData = {
-            statusCode: 500,
-            message: 'Internal Server Error',
-          };
-          expect(res.body).to.have.property('error');
-          expect(res.body.error).to.eql(expectedData);
-          done();
-        });
-      });
-    it('contains non-enumerable Error properties when debug=true',
-      function(done) {
-        const error = new Error('a test error message');
-        givenErrorHandlerForError(error, {debug: true});
-        requestJson().end(function(err, res) {
-          if (err) return done(err);
-          expect(res.body).to.have.property('error');
-          const resError = res.body.error;
-          expect(resError).to.have.property('name', 'Error');
-          expect(resError).to.have.property('message',
-            'a test error message');
-          expect(resError).to.have.property('stack', error.stack);
-          done();
-        });
-      });
-    it('should allow setting safe fields when status=5xx', function(done) {
-      const error = new ErrorWithProps({
-        name: 'Error',
-        safeField: 'SAFE',
-        unsafeField: 'UNSAFE',
-      });
-      givenErrorHandlerForError(error, {
-        safeFields: ['safeField'],
-      });
-      requestJson().end(function(err, res) {
-        if (err) return done(err);
-        expect(res.body).to.have.property('error');
-        expect(res.body.error).to.have.property('safeField', 'SAFE');
-        expect(res.body.error).not.to.have.property('unsafeField');
-        done();
-      });
-    });
-    it('safe fields falls back to existing data', function(done) {
-      const error = new ErrorWithProps({
-        name: 'Error',
-        isSafe: false,
-      });
-      givenErrorHandlerForError(error, {
-        safeFields: ['statusCode', 'isSafe'],
-      });
-      requestJson().end(function(err, res) {
-        if (err) return done(err);
-        expect(res.body.error.statusCode).to.equal(500);
-        expect(res.body.error.isSafe).to.equal(false);
-        done();
-      });
-    });
-    it('should allow setting safe fields when status=4xx', function(done) {
-      const error = new ErrorWithProps({
-        name: 'Error',
-        statusCode: 422,
-        safeField: 'SAFE',
-        unsafeField: 'UNSAFE',
-      });
-      givenErrorHandlerForError(error, {
-        safeFields: ['safeField'],
-      });
-      requestJson().end(function(err, res) {
-        if (err) return done(err);
-        expect(res.body).to.have.property('error');
-        expect(res.body.error).to.have.property('safeField', 'SAFE');
-        expect(res.body.error).not.to.have.property('unsafeField');
-        done();
-      });
-    });
-    it('contains subset of properties when status=4xx', function(done) {
-      const error = new ErrorWithProps({
-        name: 'ValidationError',
-        message: 'The model instance is not valid.',
-        statusCode: 422,
-        details: 'some details',
-        extra: 'sensitive data',
-      });
-      givenErrorHandlerForError(error);
-      requestJson().end(function(err, res) {
-        if (err) return done(err);
-        expect(res.body).to.have.property('error');
-        expect(res.body.error).to.eql({
-          name: 'ValidationError',
-          message: 'The model instance is not valid.',
-          statusCode: 422,
-          details: 'some details',
-          // notice the property "extra" is not included
-        });
-        done();
-      });
-    });
-    it('contains only safe info when status=5xx', function(done) {
-      // Mock an error reported by fs.readFile
-      const error = new ErrorWithProps({
-        name: 'Error',
-        message: 'ENOENT: no such file or directory, open "/etc/passwd"',
-        errno: -2,
-        code: 'ENOENT',
-        syscall: 'open',
-        path: '/etc/password',
-      });
-      givenErrorHandlerForError(error);
-      requestJson().end(function(err, res) {
-        if (err) return done(err);
-        expect(res.body).to.have.property('error');
-        expect(res.body.error).to.eql({
-          statusCode: 500,
-          message: 'Internal Server Error',
-        });
-        done();
-      });
-    });
-    it('handles array argument as 500 when debug=false', function(done) {
-      const errors = [new Error('ERR1'), new Error('ERR2'), 'ERR STRING'];
-      givenErrorHandlerForError(errors);
-      requestJson().expect(500).end(function(err, res) {
-        if (err) return done(err);
-        const data = res.body.error;
-        expect(data).to.have.property('message').that.match(/multiple errors/);
-        expect(data).to.have.property('details').eql([
-          {statusCode: 500, message: 'Internal Server Error'},
-          {statusCode: 500, message: 'Internal Server Error'},
-          {statusCode: 500, message: 'Internal Server Error'},
-        ]);
-        done();
-      });
-    });
-    it('returns all array items when debug=true', function(done) {
-      const testError = new ErrorWithProps({
-        message: 'expected test error',
-        statusCode: 400,
-      });
-      const anotherError = new ErrorWithProps({
-        message: 'another expected error',
-        statusCode: 500,
-      });
-      const errors = [testError, anotherError, 'ERR STRING'];
-      givenErrorHandlerForError(errors, {debug: true});
-      requestJson().expect(500).end(function(err, res) {
-        if (err) return done(err);
-        const data = res.body.error;
-        expect(data).to.have.property('message').that.match(/multiple errors/);
-        const expectedDetails = [
-          getExpectedErrorData(testError),
-          getExpectedErrorData(anotherError),
-          {message: 'ERR STRING', statusCode: 500},
-        ];
-        expect(data).to.have.property('details').to.eql(expectedDetails);
-        done();
-      });
-    });
-    it('includes safeFields of array items when debug=false', (done) => {
-      const internalError = new ErrorWithProps({
-        message: 'a test error message',
-        code: 'MACHINE_READABLE_CODE',
-        details: 'some details',
-        extra: 'sensitive data',
-      });
-      const validationError = new ErrorWithProps({
-        name: 'ValidationError',
-        message: 'The model instance is not valid.',
-        statusCode: 422,
-        code: 'VALIDATION_ERROR',
-        details: 'some details',
-        extra: 'sensitive data',
-      });
-      const errors = [internalError, validationError, 'ERR STRING'];
-      givenErrorHandlerForError(errors, {
-        debug: false,
-        safeFields: ['code'],
-      });
-      requestJson().end(function(err, res) {
-        if (err) return done(err);
-        const data = res.body.error;
-        const expectedInternalError = {
-          statusCode: 500,
-          message: 'Internal Server Error',
-          code: 'MACHINE_READABLE_CODE',
-          // notice the property "extra" is not included
-        };
-        const expectedValidationError = {
-          statusCode: 422,
-          message: 'The model instance is not valid.',
-          name: 'ValidationError',
-          code: 'VALIDATION_ERROR',
-          details: 'some details',
-          // notice the property "extra" is not included
-        };
-        const expectedErrorFromString = {
-          message: 'Internal Server Error',
-          statusCode: 500,
-        };
-        const expectedDetails = [
-          expectedInternalError,
-          expectedValidationError,
-          expectedErrorFromString,
-        ];
-        expect(data).to.have.property('message').that.match(/multiple errors/);
-        expect(data).to.have.property('details').to.eql(expectedDetails);
-        done();
-      });
-    });
-    it('handles non-Error argument as 500 when debug=false', function(done) {
-      givenErrorHandlerForError('Error Message', {debug: false});
-      requestJson().expect(500).end(function(err, res) {
-        if (err) return done(err);
-        expect(res.body.error).to.eql({
-          statusCode: 500,
-          message: 'Internal Server Error',
-        });
-        done();
-      });
-    });
-    it('returns non-Error argument in message when debug=true', function(done) {
-      givenErrorHandlerForError('Error Message', {debug: true});
-      requestJson().expect(500).end(function(err, res) {
-        if (err) return done(err);
-        expect(res.body.error).to.eql({
-          statusCode: 500,
-          message: 'Error Message',
-        });
-        done();
-      });
-    });
-    it('handles Error objects containing circular properties', function(done) {
-      const circularObject = {};
-      circularObject.recursiveProp = circularObject;
-      const error = new ErrorWithProps({
-        statusCode: 422,
-        message: 'The model instance is not valid.',
-        name: 'ValidationError',
-        code: 'VALIDATION_ERROR',
-        details: circularObject,
-      });
-      givenErrorHandlerForError(error, {debug: true});
-      requestJson().end(function(err, res) {
-        if (err) return done(err);
-        expect(res.body).to.have.property('error');
-        expect(res.body.error).to.have.property('details');
-        expect(res.body.error.details).to.have.property('recursiveProp',
-          '[Circular]');
-        done();
-      });
-    });
-    function requestJson(url) {
-      return request.get(url || '/')
-        .set('Accept', 'text/plain')
-        .expect('Content-Type', /^application\/json/);
-    }
-  });
-  context('HTML response', function() {
-    it('contains all error properties when debug=true', function(done) {
-      const error = new ErrorWithProps({
-        message: 'a test error message',
-        details: 'some details',
-        extra: 'sensitive data',
-      });
-      error.statusCode = 500;
-      givenErrorHandlerForError(error, {debug: true});
-      requestHTML()
-        .expect(500)
-        .expect(/<title>ErrorWithProps<\/title>/)
-        .expect(/500(.*?)a test error message/)
-        .expect(/extra(.*?)sensitive data/)
-        .expect(/details(.*?)some details/)
-        .expect(/id="stacktrace"(.*?)ErrorWithProps: a test error message/,
-          done);
-    });
-    it('HTML-escapes all 4xx response properties in production mode',
-      function(done) {
-        const error = new ErrorWithProps({
-          name: 'Error<img onerror=alert(1) src=a>',
-          message:
-            'No instance with id <img onerror=alert(1) src=a> found for Model',
-          statusCode: 404,
-        });
-        givenErrorHandlerForError(error, {debug: false});
-        requestHTML()
-          .end(function(err, res) {
-            expect(res.statusCode).to.eql(404);
-            const body = res.error.text;
-            expect(body).to.match(
-              /<title>Error&lt;img onerror=alert\(1\) src=a&gt;<\/title>/
-            );
-            expect(body).to.match(
-              /with id &lt;img onerror=alert\(1\) src=a&gt; found for Model/
-            );
-            done();
-          });
-      });
-    it('HTML-escapes all 5xx response properties in development mode',
-      function(done) {
-        const error = new ErrorWithProps({
-          message: 'a test error message<img onerror=alert(1) src=a>',
-        });
-        error.statusCode = 500;
-        givenErrorHandlerForError(error, {debug: true});
-        requestHTML()
-          .expect(500)
-          .expect(/<title>ErrorWithProps<\/title>/)
-          .expect(
-            /500(.*?)a test error message&lt;img onerror=alert\(1\) src=a&gt;/,
-            done
-          );
-      });
-    it('contains subset of properties when status=4xx', function(done) {
-      const error = new ErrorWithProps({
-        name: 'ValidationError',
-        message: 'The model instance is not valid.',
-        statusCode: 422,
-        details: 'some details',
-        extra: 'sensitive data',
-      });
-      givenErrorHandlerForError(error, {debug: false});
-      requestHTML()
-        .end(function(err, res) {
-          expect(res.statusCode).to.eql(422);
-          const body = res.error.text;
-          expect(body).to.match(/some details/);
-          expect(body).to.not.match(/sensitive data/);
-          expect(body).to.match(/<title>ValidationError<\/title>/);
-          expect(body).to.match(/422(.*?)The model instance is not valid./);
-          done();
-        });
-    });
-    it('contains only safe info when status=5xx', function(done) {
-      // Mock an error reported by fs.readFile
-      const error = new ErrorWithProps({
-        name: 'Error',
-        message: 'ENOENT: no such file or directory, open "/etc/passwd"',
-        errno: -2,
-        code: 'ENOENT',
-        syscall: 'open',
-        path: '/etc/password',
-      });
-      givenErrorHandlerForError(error);
-      requestHTML()
-        .end(function(err, res) {
-          expect(res.statusCode).to.eql(500);
-          const body = res.error.text;
-          expect(body).to.not.match(/\/etc\/password/);
-          expect(body).to.not.match(/-2/);
-          expect(body).to.not.match(/ENOENT/);
-          // only have the following
-          expect(body).to.match(/<title>Internal Server Error<\/title>/);
-          expect(body).to.match(/500(.*?)Internal Server Error/);
-          done();
-        });
-    });
-    function requestHTML(url) {
-      return request.get(url || '/')
-        .set('Accept', 'text/html')
-        .expect('Content-Type', /^text\/html/);
-    }
-  });
-  context('XML response', function() {
-    it('contains all error properties when debug=true', function(done) {
-      const error = new ErrorWithProps({
-        message: 'a test error message',
-        details: 'some details',
-        extra: 'sensitive data',
-      });
-      error.statusCode = 500;
-      givenErrorHandlerForError(error, {debug: true});
-      requestXML()
-        .expect(500)
-        .expect(/<statusCode>500<\/statusCode>/)
-        .expect(/<name>ErrorWithProps<\/name>/)
-        .expect(/<message>a test error message<\/message>/)
-        .expect(/<details>some details<\/details>/)
-        .expect(/<extra>sensitive data<\/extra>/)
-        .expect(/<stack>ErrorWithProps: a test error message(.*?)/, done);
-    });
-    it('contains subset of properties when status=4xx', function(done) {
-      const error = new ErrorWithProps({
-        name: 'ValidationError',
-        message: 'The model instance is not valid.',
-        statusCode: 422,
-        details: 'some details',
-        extra: 'sensitive data',
-      });
-      givenErrorHandlerForError(error, {debug: false});
-      requestXML()
-        .end(function(err, res) {
-          expect(res.statusCode).to.eql(422);
-          const body = res.error.text;
-          expect(body).to.match(/<details>some details<\/details>/);
-          expect(body).to.not.match(/<extra>sensitive data<\/extra>/);
-          expect(body).to.match(/<name>ValidationError<\/name>/);
-          expect(body).to.match(
-            /<message>The model instance is not valid.<\/message>/
-          );
-          done();
-        });
-    });
-    it('contains only safe info when status=5xx', function(done) {
-      // Mock an error reported by fs.readFile
-      const error = new ErrorWithProps({
-        name: 'Error',
-        message: 'ENOENT: no such file or directory, open "/etc/passwd"',
-        errno: -2,
-        code: 'ENOENT',
-        syscall: 'open',
-        path: '/etc/password',
-      });
-      givenErrorHandlerForError(error);
-      requestXML()
-        .end(function(err, res) {
-          expect(res.statusCode).to.eql(500);
-          const body = res.error.text;
-          expect(body).to.not.match(/\/etc\/password/);
-          expect(body).to.not.match(/-2/);
-          expect(body).to.not.match(/ENOENT/);
-          // only have the following
-          expect(body).to.match(/<statusCode>500<\/statusCode>/);
-          expect(body).to.match(/<message>Internal Server Error<\/message>/);
-          done();
-        });
-    });
-    function requestXML(url) {
-      return request.get(url || '/')
-        .set('Accept', 'text/xml')
-        .expect('Content-Type', /^text\/xml/);
-    }
-  });
-  context('Content Negotiation', function() {
-    it('defaults to json without options', function(done) {
-      givenErrorHandlerForError(new Error('Some error'), {});
-      request.get('/')
-        .set('Accept', '*/*')
-        .expect('Content-Type', /^application\/json/, done);
-    });
-    it('honors accepted content-type', function(done) {
-      givenErrorHandlerForError(new Error('Some error'), {
-        defaultType: 'application/json',
-      });
-      request.get('/')
-        .set('Accept', 'text/html')
-        .expect('Content-Type', /^text\/html/, done);
-    });
-    it('honors order of accepted content-type', function(done) {
-      givenErrorHandlerForError(new Error('Some error'), {
-        defaultType: 'text/html',
-      });
-      request.get('/')
-        // `application/json` will be used because its provided first
-        .set('Accept', 'application/json, text/html')
-        .expect('Content-Type', /^application\/json/, done);
-    });
-    it('disables content-type negotiation when negotiateContentType=false',
-      function(done) {
-        givenErrorHandlerForError(new Error('Some error'), {
-          negotiateContentType: false,
-          defaultType: 'application/json',
-        });
-        request.get('/')
-          .set('Accept', 'text/html')
-          .expect('Content-Type', /^application\/json/, done);
-      });
-    it('chooses resolved type when negotiateContentType=false + not-supported',
-      function(done) {
-        givenErrorHandlerForError(new Error('Some error'), {
-          negotiateContentType: false,
-          defaultType: 'unsupported/type',
-        });
-        request.get('/')
-          .set('Accept', 'text/html')
-          .expect('Content-Type', /^text\/html/, done);
-      });
-    it('chooses default type when negotiateContentType=false + not-supported ',
-      function(done) {
-        givenErrorHandlerForError(new Error('Some error'), {
-          negotiateContentType: false,
-          defaultType: 'unsupported/type',
-        });
-        request.get('/')
-          .expect('Content-Type', /^application\/json/, done);
-      });
-    it('honors order of accepted content-types of text/html', function(done) {
-      givenErrorHandlerForError(new Error('Some error'), {
-        defaultType: 'application/json',
-      });
-      request.get('/')
-        // text/html will be used because its provided first
-        .set('Accept', 'text/html, application/json')
-        .expect('Content-Type', /^text\/html/, done);
-    });
-    it('picks first supported type upon multiple accepted', function(done) {
-      givenErrorHandlerForError(new Error('Some error'), {
-        defaultType: 'application/json',
-      });
-      request.get('/')
-        .set('Accept', '*/*, not-supported, text/html, application/json')
-        .expect('Content-Type', /^text\/html/, done);
-    });
-    it('falls back for unsupported option.defaultType', function(done) {
-      givenErrorHandlerForError(new Error('Some error'), {
-        defaultType: 'unsupported',
-      });
-      request.get('/')
-        .set('Accept', '*/*')
-        .expect('Content-Type', /^application\/json/, done);
-    });
-    it('returns defaultType for unsupported type', function(done) {
-      givenErrorHandlerForError(new Error('Some error'), {
-        defaultType: 'text/html',
-      });
-      request.get('/')
-        .set('Accept', 'unsupported/type')
-        .expect('Content-Type', /^text\/html/, done);
-    });
-    it('supports query _format', function(done) {
-      givenErrorHandlerForError(new Error('Some error'), {
-        defaultType: 'text/html',
-      });
-      request.get('/?_format=html')
-        .set('Accept', 'application/json')
-        .expect('Content-Type', /^text\/html/, done);
-    });
-    it('handles unknown _format query', function() {
-      givenErrorHandlerForError();
-      return request.get('/?_format=unknown')
-        .expect('X-Warning', /_format.*not supported/);
-    });
-  });
-  it('does not modify "options" argument', function(done) {
-    const options = {log: false, debug: false};
-    givenErrorHandlerForError(new Error(), options);
-    request.get('/').end(function(err) {
-      if (err) return done(err);
-      expect(options).to.eql({log: false, debug: false});
-      done();
-    });
-  });
-});
-let app, _requestHandler, request, server;
-function resetRequestHandler() {
-  _requestHandler = null;
-}
-function givenErrorHandlerForError(error, options) {
-  if (!error) error = new Error('an error');
-  if (!options) options = {};
-  if (!('log' in options)) {
-    // Disable logging to console by default, so that we don't spam
-    // console output. One can use "DEBUG=strong-error-handler" when
-    // troubleshooting.
-    options.log = false;
-  }
-  const handler = strongErrorHandler(options);
-  _requestHandler = function(req, res, next) {
-    debug('Invoking strong-error-handler');
-    handler(error, req, res, next);
-  };
-}
-function setupHttpServerAndClient(done) {
-  app = express();
-  app.use(function(req, res, next) {
-    if (!_requestHandler) {
-      const msg = 'Error handler middleware was not setup in this test';
-      console.error(msg);
-      res.statusCode = 500;
-      res.setHeader('Content-Type', 'text/plain; charset=utf-8');
-      res.end(msg);
-      return;
-    }
-    _requestHandler(req, res, warnUnhandledError);
-    function warnUnhandledError(err) {
-      console.log('unexpected: strong-error-handler called next with',
-        (err && (err.stack || err)) || 'no error');
-      res.statusCode = 500;
-      res.setHeader('Content-Type', 'text/plain; charset=utf-8');
-      res.end(err ?
-        'Unhandled strong-error-handler error:\n' + (err.stack || err) :
-        'The error was silently discared by strong-error-handler');
-    }
-  });
-  server = app.listen(0, function() {
-    const url = 'http://127.0.0.1:' + this.address().port;
-    debug('Test server listening on %s', url);
-    request = supertest(app);
-    done();
-  })
-    .once('error', function(err) {
-      debug('Cannot setup HTTP server: %s', err.stack);
-      done(err);
-    });
-}
-function stopHttpServerAndClient() {
-  server.close();
-}
-function ErrorWithProps(props) {
-  this.name = props.name || 'ErrorWithProps';
-  for (const p in props) {
-    this[p] = props[p];
-  }
-  if (Error.captureStackTrace) {
-    // V8 (Chrome, Opera, Node)
-    Error.captureStackTrace(this, this.constructor);
-  }
-}
-util.inherits(ErrorWithProps, Error);
-function getExpectedErrorData(err) {
-  const data = {};
-  cloneAllProperties(data, err);
-  return data;
-}