fix: sanitize error messages to prevent info exposure #84
Closed
Sarthak-Bhagat2006 wants to merge 3 commits into CPAtoCybersecurity:main from
Contributor
Author
Hi @CPAtoCybersecurity
Owner
Hey @Sarthak-Bhagat2006 - solid work on this security fix. You caught a lot of spots across the codebase. One thing to clean up please before I merge: In

console.error('Descriptive context message:', err);
toast.error('Generic user-friendly message.');

Just swap those out for real messages, something like:

Update that and I'll merge it. Appreciate the contribution!
steve-simplycyber
previously approved these changes
Feb 26, 2026
steve-simplycyber
left a comment
Great stuff. Generic messages for users, detailed logs in console for debugging.
Owner
Closing this PR to resolve a merge issue. Please open a new PR from your fork - your commits are already there, just click 'New pull request' from your fork. Thanks!
Fixes #74
Summary
Sanitised frontend error messages to prevent exposure of internal exception details.
Changes Made
Security Impact
Addresses CWE-209 (Information Exposure Through Error Messages)
Prevents exposure of internal backend and stack trace details.
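The pattern discussed in this thread (full error detail to the console, a fixed message to the user), as an added example that is not code from this pull request. `reportError`, `USER_MESSAGES`, the operation names and the sample error are hypothetical; `notify` stands in for a toast function such as the `toast.error` call quoted above.

```javascript
// Added example; every name here is hypothetical, none comes from the pull request.
const USER_MESSAGES = {
  loadControls: 'Could not load controls. Please refresh and try again.',
  saveAssessment: 'Could not save your changes. Please try again.',
};
const FALLBACK = 'Something went wrong. Please try again.';

// Log the full error for developers and return only a fixed, operation-specific
// message for the UI. `notify` stands in for a toast call; `log` for console.error.
function reportError(operation, err, { notify, log = console.error } = {}) {
  // Correlation reference (not a secret): lets a user report be matched to the log entry.
  const ref = Math.random().toString(36).slice(2, 8).padEnd(6, '0');
  log(`[${ref}] ${operation} failed:`, err); // message, stack and backend detail stay here
  // Own-property lookup so a name like "toString" cannot resolve to an inherited member.
  const known = Object.prototype.hasOwnProperty.call(USER_MESSAGES, operation);
  const shown = `${known ? USER_MESSAGES[operation] : FALLBACK} (ref ${ref})`;
  if (notify) notify(shown); // err.message is never interpolated into user-facing text
  return shown;
}

// Constructed sample: a backend failure whose message leaks schema and host details.
function demo() {
  const toasts = [];
  const logs = [];
  const err = new Error('ER_NO_SUCH_TABLE: users_v2 at db.internal.example:5432');
  const shown = reportError('saveAssessment', err, {
    notify: (m) => toasts.push(m),
    log: (...args) => logs.push(args),
  });
  return { shown, toasts, logs, err };
}

console.log(demo().shown);
```

The reference in the user-facing message is the only link between what the user sees and the logged exception, so support can locate the detail without it ever reaching the UI.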