From 0f8533a6aef395c121cd4ab9790b35939a3c4e94 Mon Sep 17 00:00:00 2001 From: Arpit Jain <3242828+arpitjain099@users.noreply.github.com> Date: Sun, 20 Oct 2024 14:11:48 +0900 Subject: [PATCH] Fix code scanning alert no. 45: Information exposure through an exception Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> --- End_to_end_Solutions/AOAISearchDemo/app/data/app.py | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/End_to_end_Solutions/AOAISearchDemo/app/data/app.py b/End_to_end_Solutions/AOAISearchDemo/app/data/app.py index 98d6a72..17064a8 100644 --- a/End_to_end_Solutions/AOAISearchDemo/app/data/app.py +++ b/End_to_end_Solutions/AOAISearchDemo/app/data/app.py @@ -205,7 +205,8 @@ def get_user_profile(user_id: str): else: return Response(response=json.dumps(user_profile.to_item()), status=200) except Exception as e: - return Response(response=str(e), status=500) + logging.error("An error occurred while fetching user profile: %s", e, exc_info=True) + return Response(response="An internal error has occurred.", status=500) @app.route('/user-profiles', methods=['GET']) def get_all_user_profiles(): @@ -214,7 +215,8 @@ def get_all_user_profiles(): json_user_profiles = [user_profile.to_item() for user_profile in user_profiles] return Response(response=json.dumps(json_user_profiles), status=200) except Exception as e: - return Response(response=str(e), status=500) + logging.error("An error occurred while fetching all user profiles: %s", e, exc_info=True) + return Response(response="An internal error has occurred.", status=500) @app.route('/user-groups/', methods=['POST']) def create_user_group(group_id: str): @@ -238,7 +240,8 @@ def create_user_group(group_id: str): except CosmosConflictError as e: return Response(response=str(e), status=409) except Exception as e: - return Response(response=str(e), status=500) + logging.error("An error occurred while creating user group: %s", e, exc_info=True) + return Response(response="An internal error has occurred.", status=500) @app.route('/user-groups/', methods=['GET']) def get_user_group(group_id: str):