fix(python-fastapi): stop exposing exception details in API errors#117
Conversation
Add server_error_response() to log failures server-side and return generic messages. Resolves CodeQL py/stack-trace-exposure alerts (#7-22). Co-authored-by: Cursor <cursoragent@cursor.com>
cbullinger
force-pushed
the
fix/codeql-python-stack-trace
branch
from
3761e51 to
bae04ff
Compare
There was a problem hiding this comment.
Pull request overview
Remediates CodeQL py/stack-trace-exposure findings in the Python FastAPI mflix app by ensuring API responses don’t echo raw exception details, while preserving full exception context in server logs.
Changes:
- Introduces a shared
server_error_response()helper that logs exceptions and returns a generic error payload. - Replaces
str(e)usage in multiplemovies.pyendpoints with fixed client-safe messages. - Tightens Voyage AI embedding error handling by logging SDK exceptions and returning generic
VoyageAPIErrormessages; removesexc.messagefrom the Voyage API error handler response.
Reviewed changes
Copilot reviewed 3 out of 3 changed files in this pull request and generated 2 comments.
| File | Description |
|---|---|
| mflix/server/python-fastapi/src/utils/errorResponse.py | Adds server_error_response() to centralize “log + generic 500 response” behavior. |
| mflix/server/python-fastapi/src/routers/movies.py | Replaces exception-detail responses with server_error_response() and logs Voyage AI SDK errors in get_embedding(). |
| mflix/server/python-fastapi/main.py | Removes exc.message from VoyageAPIError handler payload to avoid leaking internal details. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Use VoyageAPIError.status_code in the global handler and wrap cursor iteration in get_all_movies so database errors are logged consistently. Co-authored-by: Cursor <cursoragent@cursor.com>
Co-authored-by: Cursor <cursoragent@cursor.com>
| ).embeddings | ||
| return embeddings[0] | ||
| except voyage_error.AuthenticationError as e: | ||
| except voyage_error.AuthenticationError: |
There was a problem hiding this comment.
VoyageAuthError is the one path that still has no server-side logging. voyage_error.AuthenticationError is caught here and re-raised as VoyageAuthError, but neither this site nor the voyage_auth_error_handler in main.py calls logger.exception(). A rotated or revoked key would produce no trace in the logs. Consider adding a log call before the re-raise:
except voyage_error.AuthenticationError:
logger.exception("Voyage AI authentication failed")
raise VoyageAuthError("Invalid Voyage AI API key. Please check your VOYAGE_API_KEY in the .env file")
dacharyc
left a comment
dacharyc
left a comment
There was a problem hiding this comment.
Small suggested improvement, but overall LGTM. ✅
Add logger.exception before raising VoyageAuthError so revoked or invalid API keys leave a trace in server logs. Addresses PR #117 review. Co-authored-by: Cursor <cursoragent@cursor.com>
|
Added |
Summary
Resolves 16 CodeQL
py/stack-trace-exposurefindings inmovies.pyby returning generic error messages to clients while logging full exceptions server-side.Changes
server_error_response()inerrorResponse.py(useslogger.exception())str(e)in HTTP error payloads inmovies.pywith fixed messagesget_embedding()Voyage AI error handling (genericVoyageAPIErrormessages + logging)exc.messagefromVoyageAPIErrorhandlerdetailsinmain.pyTest plan
pip-auditandRun Python TestsCI passRelated
Made with Cursor