Menu
I'm running a Restful API Server based on Node.js using Express.js.
Today, I realized that someone can get information of error of my source code, including directory path of my server, when he send request using Curl like curl -X POST ~.
Error message I get:
TypeError: Cannot read property 'text' of undefined at exports.list (/usr/local/node/XXX/routes/message.js:49:36) at callbacks (/usr/local/node/XXX/node_modules/express/lib/router/index.js:124:37) at param (/usr/local/node/XXX/node_modules/express/lib/router/index.js:118:11) at param (/usr/local/node/XXXv/node_modules/express/lib/router/index.js:125:11)
How can I hide those critical information when the server displays errors?
1000
console. clear(); is good option to hide the console error because some time on running site we don't want to show error so we hide them in PHP.
An error in Node. js is any instance of the Error object. Common examples include built-in error classes, such as ReferenceError , RangeError , TypeError , URIError , EvalError , and SyntaxError .
I'd set the NODE_ENV flag to production, as the Express.JS doesn't send the stack data in this mode. I recommend you to check out the dotenv module in npm.
103
You can create a middleware that deals with all unhandled errors for you.
app.use((err, req, res, next) => {
if (err) {
return res.sendStatus(500);
}
next();
});
That will return a 500 Internal Server Error status code to any user creating such an error. Remember to put this at the end of your middleware chain.
21
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
