Hello,
We have noticed that in many cases che api's return internal system information in responses of 500 (internal server error)
For example :
PUT /di/project/workspacewe2ls3c0hsz0nnrs/html5 HTTP/1.1
Host: devxmasterdi-i074921trial.dispatcher.hanatrial.ondemand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:49.0) Gecko/20100101 Firefox/49.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-CSRF-Token: 4D09B3CE05DDD95D3C8119EE380D6486
X-Requested-With: XMLHttpRequest
Referer: https://devxmasterdi-i074921trial.dispatcher.hanatrial.ondemand.com/
Content-Length: 2
Connection: close
HTTP/1.1 500 Internal Server Error
Cache-Control: private
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Date: Mon, 31 Oct 2016 08:47:01 GMT
Vary: Accept-Encoding
Content-Type: text/plain
Content-Length: 152
Connection: close
Server: SAP
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
while trying to invoke the method org.eclipse.che.api.project.shared.dto.ProjectUpdate.getRunners() of a null object loaded from local variable 'update'
The message (red) discloses internal system information to the api user, and does not really help him deal with the issue.
From our point of view, generalized message i.e. "Internal server error" would be preferred, since this internal message along with stack
trace is already safely logged by the backend.
What is your stand point to this issue ? Can we expect this behavior to change ?
Thanks in advance for your input.
Best regards,
Sergey Kuperman,
DI Cloud Exp DevX | SAP Labs Israel | 15 Hatidhar st. | Raanana 43665, Israel
T +972-(0)9-777-9513
