[
https://issues.apache.org/jira/browse/UNOMI-211?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16698915#comment-16698915
]
Serge Huber commented on UNOMI-211:
-----------------------------------
Hello Michael,
If you're talking about the CXS endpoint, that is managed by Apache CXF and you
would have to figure out how to manage errors properly for that. I'm not a big
expert at CXF myself :)
One thing that's important, Apache Unomi should not return information that
might compromise security, so it should NOT return stack traces or even any
version information in HTTP error results. I prefer that it says something like
: Server error, please check the logs for more details. This way attackers
cannot "learn" about the internals and attempt to mess with the system.
Regards,
Serge...
> Logging for "Failed to Parse" ElasticSearch errors
> --------------------------------------------------
>
> Key: UNOMI-211
> URL: https://issues.apache.org/jira/browse/UNOMI-211
> Project: Apache Unomi
> Issue Type: Improvement
> Components: core
> Affects Versions: 1.3.0-incubating
> Reporter: Michael Ghen
> Priority: Major
>
> I have been noticing a lot of 204 errors which tend to mean something failed.
> This is one of those issues and I think many people might stumble onto this
> and get confused.
> The problem happens when some invalid JSON is created that Elasticsearch does
> not like. In this case, I have a key value pair in the properties of a
> profile that looks like:
> {code:java}
> {
> "itemId": "f283309c-9bdc-11e8-9127-0a58ac100323",
> "itemType": "profile",
> "properties": {
> "firstName": "Mike",
> "lastName": "Ghen",
> "": "" # Something invalid that a programming language may form
> },
> "systemProperties": {},
> "segments": [],
> "scores": {},
> "consents": {}
> }{code}
> When posted to update a profile with the `"": ""` key value, you'll get a 204
> error.
> While this might be a silly ES error, I would expect Unomi to return such in
> the reponse. The 204 response code is not documented.
> The expected result should be a 415 error code and even better if the error
> came back in the reponse. When I looked into the Unomi logs I found this
> error:
> {code:java}
> Caused by: java.lang.IllegalArgumentException: object field starting or
> ending with a [.] makes object resolution ambiguous: []
> {code}
> Which helped me trace the error down in my profile (which has 200 key value
> pairs).
> It would be ideal if Unomi could return this "Caused by" error message and a
> 415 for situations like this.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
