Interested in a patch to throw error as a unique class? #204
Labels
Comments
|
and/or error codes may be good as well |
|
@zxlin When I get a positive response from a project contributor, I'll consider writing a PR for this, otherwise someone else can implement the idea sooner. |
|
I would rather just add an extra property to the error object instead, like node core does. |
|
@mscdex What would like the additional property and value to be? |
|
@markstos they'd go into the @mscdex may I suggest the prefix So we could have: Thoughts? |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
We have some sites that are getting hammered with exploit code looking for a Tiny MCE exploit. The exploit keeps trying to send a POST request to routes that don't exist.
We use
connect-busboyandbusboyand load theconnect-busboymiddleware early, fairly globally. It's trying to parse these malformed POST requests and crashing with an 500 error that originates inbusboy:From here
This case is not really a server error-- the appropriate response code should be "400: Bad Request" (or 404, since the URL doesn't exist).
My suggestion is that
busboythrow an error throw an error of a custom class, much like the common-errors enables.The
busboycode might look like this:Then in our Express error handling middleware, we can check if error thrown is of type 'ValidationError'. If so, we will return a 400 response instead of crashing with a 500 response.
The change would be backwards compatible, since the
ValidationErrorclass would be a sub-class of theErrorclass.Would a patch for this approach be accepted? If so, would you rather add
common-errorsas a dependency or just create a single custom error class for this purpose?The text was updated successfully, but these errors were encountered: