Commit 355c26df by Alexander Makarov

Fixes #4188: API exceptions are now exposing less data when YII_DEBUG is false

- If exception is internal it's always returned as HTTP 500 general purpose one. - Type isn't exposed anymore.
parent 7a418ae9
...@@ -230,6 +230,7 @@ Yii Framework 2 Change Log ...@@ -230,6 +230,7 @@ Yii Framework 2 Change Log
- Chg #4051: Renamed `yii\caching\GroupDependency` to `TagDependency` and added support for associating multiple tags to a single cached data item (qiangxue) - Chg #4051: Renamed `yii\caching\GroupDependency` to `TagDependency` and added support for associating multiple tags to a single cached data item (qiangxue)
- Chg #4071: `mail` component renamed to `mailer`, `yii\log\EmailTarget::$mail` renamed to `yii\log\EmailTarget::$mailer` (samdark) - Chg #4071: `mail` component renamed to `mailer`, `yii\log\EmailTarget::$mail` renamed to `yii\log\EmailTarget::$mailer` (samdark)
- Chg #4147: `BaseMailer::compose()` will not overwrite the `message` parameter if it is explicitly provided (qiangxue) - Chg #4147: `BaseMailer::compose()` will not overwrite the `message` parameter if it is explicitly provided (qiangxue)
- Chg #4188: API exceptions are now exposing less data when YII_DEBUG is false (samdark)
- Chg #4201: change default value of `SyslogTarget::facility` from LOG_SYSLOG to LOG_USER (dizews) - Chg #4201: change default value of `SyslogTarget::facility` from LOG_SYSLOG to LOG_USER (dizews)
- Chg #4211: BaseActiveRecord::populateRecord now silently hide selected columns that are not defined in AR instead of failing with an error (miramir) - Chg #4211: BaseActiveRecord::populateRecord now silently hide selected columns that are not defined in AR instead of failing with an error (miramir)
- Chg #4227: `\yii\widgets\LinkPager::$hideOnSinglePage` is now `true` by default (samdark) - Chg #4227: `\yii\widgets\LinkPager::$hideOnSinglePage` is now `true` by default (samdark)
......
...@@ -117,8 +117,11 @@ class ErrorHandler extends \yii\base\ErrorHandler ...@@ -117,8 +117,11 @@ class ErrorHandler extends \yii\base\ErrorHandler
*/ */
protected function convertExceptionToArray($exception) protected function convertExceptionToArray($exception)
{ {
if (!YII_DEBUG && !$exception instanceof UserException && !$exception instanceof HttpException) {
$exception = new HttpException(500, 'There was an error at the server.');
}
$array = [ $array = [
'type' => get_class($exception),
'name' => ($exception instanceof Exception || $exception instanceof ErrorException) ? $exception->getName() : 'Exception', 'name' => ($exception instanceof Exception || $exception instanceof ErrorException) ? $exception->getName() : 'Exception',
'message' => $exception->getMessage(), 'message' => $exception->getMessage(),
'code' => $exception->getCode(), 'code' => $exception->getCode(),
...@@ -126,7 +129,9 @@ class ErrorHandler extends \yii\base\ErrorHandler ...@@ -126,7 +129,9 @@ class ErrorHandler extends \yii\base\ErrorHandler
if ($exception instanceof HttpException) { if ($exception instanceof HttpException) {
$array['status'] = $exception->statusCode; $array['status'] = $exception->statusCode;
} }
if (YII_DEBUG && !$exception instanceof UserException) { if (YII_DEBUG) {
$array['type'] = get_class($exception);
if (!$exception instanceof UserException) {
$array['file'] = $exception->getFile(); $array['file'] = $exception->getFile();
$array['line'] = $exception->getLine(); $array['line'] = $exception->getLine();
$array['stack-trace'] = explode("\n", $exception->getTraceAsString()); $array['stack-trace'] = explode("\n", $exception->getTraceAsString());
...@@ -134,6 +139,7 @@ class ErrorHandler extends \yii\base\ErrorHandler ...@@ -134,6 +139,7 @@ class ErrorHandler extends \yii\base\ErrorHandler
$array['error-info'] = $exception->errorInfo; $array['error-info'] = $exception->errorInfo;
} }
} }
}
if (($prev = $exception->getPrevious()) !== null) { if (($prev = $exception->getPrevious()) !== null) {
$array['previous'] = $this->convertExceptionToArray($prev); $array['previous'] = $this->convertExceptionToArray($prev);
} }
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment