Dev noa UI #105
Dev noa UI #105
Conversation
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
| response.raise_for_status() | ||
|
|
||
| except requests.exceptions.RequestException as e: | ||
| return JsonResponse({"error": str(e)}, status=500) |
Check warning
Code scanning / CodeQL
Information exposure through an exception Medium
Show autofix suggestion
Hide autofix suggestion
Copilot Autofix AI 24 days ago
To fix the problem, we need to modify the exception handling code to log the detailed error message on the server and return a generic error message to the user. This will prevent sensitive information from being exposed while still allowing developers to access the necessary details for debugging.
- Import the
loggingmodule to enable logging of error messages. - Configure the logging settings if not already configured.
- Modify the exception handling block to log the detailed error message and return a generic error message to the user.
| @@ -4,2 +4,3 @@ | ||
| import os | ||
| import logging | ||
|
|
||
| @@ -13,2 +14,3 @@ | ||
|
|
||
| logging.basicConfig(level=logging.ERROR) | ||
| API_BASE_URL = "http://10.201.40.192:30080/api/SatelliteProduct/GetAll" | ||
| @@ -63,3 +65,4 @@ | ||
| except requests.exceptions.RequestException as e: | ||
| return JsonResponse({"error": str(e)}, status=500) | ||
| logging.error("RequestException: %s", str(e)) | ||
| return JsonResponse({"error": "An internal error has occurred."}, status=500) | ||
|
|
| result['quicklook'] = f"https://datahub.creodias.eu/odata/v1/Assets({result['uuid']})/$value" | ||
| return results | ||
| except requests.RequestException as e: | ||
| return JsonResponse({"error": f"API request failed: {str(e)}"}, status=500) |
Check warning
Code scanning / CodeQL
Information exposure through an exception Medium
Copilot Autofix AI 24 days ago
Copilot could not generate an autofix suggestion
Copilot could not generate an autofix suggestion for this alert. Try pushing a new commit or if the problem persists contact support.
| }, status=400) | ||
|
|
||
| except requests.exceptions.RequestException as e: | ||
| return JsonResponse({"error": str(e)}, status=500) |
Check warning
Code scanning / CodeQL
Information exposure through an exception Medium
Show autofix suggestion
Hide autofix suggestion
Copilot Autofix AI 24 days ago
To fix the problem, we need to ensure that detailed exception messages are not exposed to the end user. Instead, we should log the detailed error message on the server and return a generic error message to the user. This can be achieved by modifying the exception handling in the submit_order function to log the exception and return a generic error message.
- Modify the exception handling block in the
submit_orderfunction to log the detailed error message and return a generic error message. - Add the necessary import for logging and configure the logger if not already done.
| @@ -1,2 +1,3 @@ | ||
| import requests | ||
| import logging | ||
| from datetime import datetime | ||
| @@ -16,2 +17,4 @@ | ||
|
|
||
| logger = logging.getLogger(__name__) | ||
| logging.basicConfig(level=logging.ERROR) | ||
| def map_view(request): | ||
| @@ -207,3 +210,4 @@ | ||
| except requests.exceptions.RequestException as e: | ||
| return JsonResponse({"error": str(e)}, status=500) | ||
| logger.error(f"Error submitting order: {e}") | ||
| return JsonResponse({"error": "An internal error has occurred. Please try again later."}, status=500) | ||
|
|
Closes #104