joe/kami-parse-server
Public Access
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: Add Parse Server option enableSanitizedErrorResponse to remove detailed error messages from responses sent to clients (#9944)

Browse Source
This commit is contained in:
Lucas Coratger
2025-11-28 19:48:35 +01:00
committed by GitHub
parent 73e78127c2
commit 47521974ae
24 changed files with 121 additions and 49 deletions
Download Patch File Download Diff File Expand all files Collapse all files

41
spec/Utils.spec.js
View File

@@ -1,4 +1,5 @@
const Utils = require('../src/Utils');
const Utils = require('../lib/Utils');
const { createSanitizedError, createSanitizedHttpError } = require("../lib/Error")
describe('Utils', () => {
describe('encodeForUrl', () => {
@@ -173,4 +174,42 @@ describe('Utils', () => {
expect(Utils.getNestedProperty(obj, 'database.name')).toBe('');
});
});
describe('createSanitizedError', () => {
it('should return "Permission denied" when enableSanitizedErrorResponse is true', () => {
const config = { enableSanitizedErrorResponse: true };
const error = createSanitizedError(Parse.Error.OPERATION_FORBIDDEN, 'Detailed error message', config);
expect(error.message).toBe('Permission denied');
});
it('should not crash with config undefined', () => {
const error = createSanitizedError(Parse.Error.OPERATION_FORBIDDEN, 'Detailed error message', undefined);
expect(error.message).toBe('Permission denied');
});
it('should return the detailed message when enableSanitizedErrorResponse is false', () => {
const config = { enableSanitizedErrorResponse: false };
const error = createSanitizedError(Parse.Error.OPERATION_FORBIDDEN, 'Detailed error message', config);
expect(error.message).toBe('Detailed error message');
});
});
describe('createSanitizedHttpError', () => {
it('should return "Permission denied" when enableSanitizedErrorResponse is true', () => {
const config = { enableSanitizedErrorResponse: true };
const error = createSanitizedHttpError(403, 'Detailed error message', config);
expect(error.message).toBe('Permission denied');
});
it('should not crash with config undefined', () => {
const error = createSanitizedHttpError(403, 'Detailed error message', undefined);
expect(error.message).toBe('Permission denied');
});
it('should return the detailed message when enableSanitizedErrorResponse is false', () => {
const config = { enableSanitizedErrorResponse: false };
const error = createSanitizedHttpError(403, 'Detailed error message', config);
expect(error.message).toBe('Detailed error message');
});
});
});