Comments (10)
strong-error-handler... idk man.
It'd be nice to use since it seems to be convention.
But literally any remote method I write on a model, will always print 'UNHANDLED ERROR' in the server console, even though I'm clearly handling it and manually passing an error back through.
example:
/* Remote method that checks if current user is an admin */
User.isAdmin = function (options, cb) {
if (options.currentUserId) {
getRolesForUser(options.currentUserId, function (err, roles) {
if (err) {
return cb(err, false);
} else if (roles.indexOf('$admin') !== -1) {
return cb(null, true);
} else {
return cb(null, false);
}
})
} else {
return cb({statusCode: 400, message: "no currentUserId found [user isn't authenticated]" }, null);
}
};
strong-error-handler shouldn't be saying this is unhanded, I do believe this isn't the intended output. I'm totally cool with it logging the error, but throwing it's own internal error makes me think something is wrong.
It's annoying. For now, I've just disabled the whole middleware.
from strong-error-handler.
Hello, thank you for reporting this issue and thank you @doublemarked for helping out!
I understand the desire to hide 4xx (client) errors from the console output, I agree it's a reasonable request.
OTOH, there is also a good argument for logging both 4xx and 5xx errors too: When users encounter an unexpected 4xx error in the client and call the support to get the problem resolved, they are usually not able to provide much information. Also strong-error-handler is intentionally hiding sensitive informations from the HTTP responses. As a result, most of the useful information needed to troubleshoot the problem will be lost if it is not logged at the server.
As has been already said in the mailing list and in our docs, it's possible to use strong-error-handler to format the HTTP error responses and use custom error logger at the same time. Just load your error-logging middleware before strong-error-handler.
// server/middleware.json
{
// ...
"final:after": {
"./middleware/error-logger": {},
"strong-error-handler": {
"params": {
"log": false,
}
}
}
}
// server/middleware/error-logger
module.exports = function createErrorLogger(options) {
return function logError(err, req, res, next) {
// your custom error-logging logic goes here
const status = err.status || err.statusCode;
if (status >= 500) {
// log only Internal Server errors
console.log('Unhandled error for request %s %s: %s',
req.method, req.url, err.stack || err);
}
// Let the next error handler middleware
// produce the HTTP response
next(err);
};
}
In the light of the above, I am closing this feature request as rejected.
from strong-error-handler.
Just to chirp in, this seems more directly related to a bug in loopback itself.
If I disable strong-error-handler completely, and use the base lb3 errorhandling, this same behavior occurs. Even if strong-error-handler is installed, and both debug and log are false, the error will still popup, since the default is taking over.
To have strong-error-handler take over completely, still had to set
"remoting":{
"rest": {
"handleErrors": false
...
in config.json as per the migrating from lb2
documentation.
So, it's very possible that if the bug gets fixed within loopback, then it will automatically resolve in this module.
from strong-error-handler.
These errors can be suppressed by disabling the error handler's logging, by setting log: false
in your middleware.json file. Per the README:
If true, all errors are printed via console.error, including an array of fields (custom error properties) that are safe to include in response messages (both 4xx and 5xx).
from strong-error-handler.
I've tweaked my post above to indicate it's a feature request rather than a bug, and that - while I would prefer this to be the default behavior - it should at least be customizable.
The log: false
option is weak - it hides both server and client errors. We want to see server errors but not client errors, and I suspect this would be what a large number of other users would want / expect to see as well.
The current workaround of creating your own error-handler isn't great. strong-error-handler does a great job of handling numerous edge cases which you'd basically have to copy/reimplement (unless I'm missing some way to build on it). However, this is the current route we've taken.
Big thanks to @doublemarked for help here and on the Google Groups thread thus far :)
from strong-error-handler.
@PaddyMann I think I agree with you, logging 4xx and 5xx errors like they are the same thing is flawed logic. Perhaps the log
directive should be expanded to allow you to match which types of errors should be logged. So you can do something like log: { statusCode: "^5", message: "whatever" }
from strong-error-handler.
That'd be great.
We'd set it up with something like:
log: [
{"statusCode": "^4", "mute": true},
]
from strong-error-handler.
Hmm, seems that there could be some issues with the wrong status codes being used.
If a method doesn't exist, a 404 is currently returned.
{ Error: Shared class "xxx" has no method handling GET /xxx }
This should return a 501.
I guess this is a separate issue to be resolved though.
from strong-error-handler.
Would love to get an update on this as well. I'm using native methods such as create, but if I mute the logs, then I wouldn't even know if it was because of an duplicate id sql error.
On a side note, I'm using strong-error-handler with loopback (as I suspect most others are as well). If we did unmute these, is there any correct way in handling native loopback methods?
from strong-error-handler.
@luncht1me I believe this is related to this function convertNullToNotFoundError in persistedModel.js, which only applies to findOne and findById. I don't receive the logging error when I request a find. I just receive an empty array, so this is consistent with my results. Creating the new Error() object is what causes it.
from strong-error-handler.
Related Issues (20)
- Dependency Dashboard
- Extra files in node_modules HOT 5
- Safefields doesn't work with "array of errors" HOT 4
- Incorrect comment for negotiateContentProducer HOT 2
- debug false not working in middleware HOT 2
- "Unhandled Error" for errors that have been handled properly. HOT 11
- Handle AssertionError as 4xx error (keep showing message even in production / debug false) HOT 1
- Allow error 2xx transmission HOT 5
- Add config option to log errors on a single line HOT 1
- 404 Not found XSS (Cross Site Scripting Issue) HOT 19
- Use template-literal instead of EJS HOT 2
- issue with deploying to heroku HOT 1
- Safe fields can overwrite status code property HOT 1
- New release HOT 2
- Support `expose` property of http-errors
- Duplicate fields status and statusCode on error json payload HOT 1
- Security Vulnerability in Strong-Globalize HOT 4
- Customize XML response HOT 1
- TypeError: Converting circular structure to JSON HOT 1
- How can i get an single error message from loopback error body HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from strong-error-handler.