change ctx.error() to flag as err.expose

meaning the application could respond with this message if it likes
This commit is contained in:
TJ Holowaychuk 2013-09-12 08:01:40 -07:00
parent 091d5010cd
commit 6db24f9fac
2 changed files with 9 additions and 1 deletions

View file

@ -534,6 +534,12 @@ err.status = 400;
throw err; throw err;
``` ```
Note that these are user-level errors and are flagged with
`err.expose` meaning the messages are appropriate for
client responses, which is typically not the case for
error messages since you do not want to leak failure
details.
## Error Handling ## Error Handling
By default outputs all errors to stderr unless __NODE_ENV__ is "test". To perform custom error-handling logic such as centralized logging you By default outputs all errors to stderr unless __NODE_ENV__ is "test". To perform custom error-handling logic such as centralized logging you

View file

@ -556,7 +556,8 @@ module.exports = {
/** /**
* Throw an error with `msg` and optional `status` * Throw an error with `msg` and optional `status`
* defaulting to 500. * defaulting to 500. Note that these are user-level
* errors, and the message may be exposed to the client.
* *
* this.error(403) * this.error(403)
* this.error('name required', 400) * this.error('name required', 400)
@ -576,6 +577,7 @@ module.exports = {
var err = new Error(msg); var err = new Error(msg);
err.status = status || 500; err.status = status || 500;
err.expose = true;
throw err; throw err;
}, },