JedrekWang opened a new issue, #4260:
URL: https://github.com/apache/servicecomb-java-chassis/issues/4260
#### 背景
当 接口调用传递的body跟接口定位的入参不一致时,接口返回的message信息存在内部代码结构和行号等信息
#### 复现demo
接口入参定义如下:
```
public class CommonReq {
private String name;
private Integer type;
}
```
http请求传递的body如下:
```
{
"name": "jedrek",
"type": "hard"
}
```
报错信息如下:
{
"message": "Parameter is not valid for operation [xxx]. Parameter is
[commonReq]. Processor is [body]. Message is [Cannot deserialize value of type
`java.lang.Integer` from String \"hard\": not a valid `java.lang.Integer`
value\n at [Source:
(org.apache.servicecomb.foundation.vertx.stream.BufferInputStream); line: 3,
column: 13] (through reference chain: CommonReq[\"type\"])]."
}
这个打印信息感觉存在安全问题,暴露了接口的内部实现,可否针对于这种场景,对打印的异常message进行调整
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
