andreacavalli/netty5
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Do not expose the server-side exception message to the client

Browse Source
This commit is contained in:
Trustin Lee 2009-07-15 02:05:12 +00:00
parent 99261232a0
commit 046aae6ff8
1 changed files with 5 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
src/main/java/org/jboss/netty/channel/socket/http/HttpTunnelingServlet.java
View File

@ -141,7 +141,8 @@ public class HttpTunnelingServlet extends HttpServlet {
protected void service(HttpServletRequest req, HttpServletResponse res)
throws ServletException, IOException {
if (!"POST".equalsIgnoreCase(req.getMethod())) {
res.sendError(HttpServletResponse.SC_METHOD_NOT_ALLOWED, "Method not allowed");
logger.warn("Unallowed method: " + req.getMethod());
res.sendError(HttpServletResponse.SC_METHOD_NOT_ALLOWED);
return;
}
@ -153,7 +154,9 @@ public class HttpTunnelingServlet extends HttpServlet {
Channel channel = channelFactory.newChannel(pipeline);
ChannelFuture future = channel.connect(remoteAddress).awaitUninterruptibly();
if (!future.isSuccess()) {
res.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, "Endpoint unavailable: " + future.getCause().getMessage());
Throwable cause = future.getCause();
logger.warn("Endpoint unavailable: " + cause.getMessage(), cause);
res.sendError(HttpServletResponse.SC_SERVICE_UNAVAILABLE);
return;
}