General exception handler returns the full exception message to the client #77

@fpittelo

The general exception handler returns the full exception message to the client. This can leak sensitive internal implementation details, which is a security risk. It's better to log the detailed error on the server (using exc_info=True for the full stack trace) and return a generic error message to the client.
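
The pattern the issue describes and the requested fix, side by side, as an added example that is not part of the original issue or the project's code. The framework-free handler functions, the `lookup_user` failure, the logger name and the `error_id` correlation field are assumptions made for illustration.

```python
import json
import logging
import uuid

logger = logging.getLogger("app.errors")  # hypothetical logger name


def lookup_user(user_id):
    """Constructed failing operation whose message carries internal details."""
    raise RuntimeError(
        "connection to db-internal.example:5432 failed for role svc_app"
    )


def handle_leaky(user_id):
    """The reported pattern: the exception text is sent straight to the client."""
    try:
        return 200, json.dumps(lookup_user(user_id))
    except Exception as exc:
        return 500, json.dumps({"error": str(exc)})


def handle_safe(user_id):
    """Log the detail on the server and return only a generic body."""
    try:
        return 200, json.dumps(lookup_user(user_id))
    except Exception:
        # Assumption: a random id lets support match a client report to the log entry.
        error_id = uuid.uuid4().hex
        # exc_info=True attaches the active exception and its stack trace to the record.
        logger.error("unhandled exception error_id=%s", error_id, exc_info=True)
        body = {"error": "Internal server error", "error_id": error_id}
        return 500, json.dumps(body)


if __name__ == "__main__":
    logging.basicConfig(level=logging.ERROR)
    print(handle_leaky(42))  # response body exposes host, port and role name
    print(handle_safe(42))   # response body is generic; the detail is in the log
```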

Labels: bug, invalid
