From dc815eb0945c181bd015caa3a1bae0dfd5411de2 Mon Sep 17 00:00:00 2001
From: sjhddh <jhao.sun@gmail.com>
Date: Wed, 8 Apr 2026 18:53:52 +0200
Subject: [PATCH] fix: sanitize internal error details in global 500 handler

The catch-all exception handler was returning str(exc) directly in the
API response, leaking internal filesystem paths, backend error messages,
and configuration details to clients (information disclosure).

- Replace str(exc) with a static "Internal server error" message
- Upgrade logger.warning to logger.exception so the full traceback is
  preserved in server logs for debugging

Closes #1233
---
 openviking/server/app.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/openviking/server/app.py b/openviking/server/app.py
index 5e1a0e287..8ef3d9a35 100644
--- a/openviking/server/app.py
+++ b/openviking/server/app.py
@@ -186,14 +186,14 @@ async def openviking_error_handler(request: Request, exc: OpenVikingError):
     # Catch-all for unhandled exceptions so clients always get JSON
     @app.exception_handler(Exception)
     async def general_error_handler(request: Request, exc: Exception):
-        logger.warning("Unhandled exception: %s", exc)
+        logger.exception("Unhandled exception")
         return JSONResponse(
             status_code=500,
             content=Response(
                 status="error",
                 error=ErrorInfo(
                     code="INTERNAL",
-                    message=str(exc),
+                    message="Internal server error",
                 ),
             ).model_dump(),
         )