You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@servicecomb.apache.org by GitBox <gi...@apache.org> on 2020/12/22 11:55:11 UTC
[GitHub] [servicecomb-java-chassis] NoComments opened a new issue #2158: Consumer调用Producer超时,会暴露内部服务器地址
NoComments opened a new issue #2158:
URL: https://github.com/apache/servicecomb-java-chassis/issues/2158
Consumer在调用Producer服务超时会返回以下信息给前端,在消息中会暴露内网服务器地址,如下图:
经排查,定位到是RestClientInvocation中对Vertx的超时异常NoStackTraceTimeoutException没有做特殊处理,直接把Vertx的异常信息返回给前端。
请问这种问题如何解决?
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [servicecomb-java-chassis] liubao68 commented on issue #2158: Consumer调用Producer超时,会暴露内部服务器地址
Posted by GitBox <gi...@apache.org>.
liubao68 commented on issue #2158:
URL: https://github.com/apache/servicecomb-java-chassis/issues/2158#issuecomment-749507191
这个异常是 TimeoutExceptioinConverter 返回的, 你可以定制和覆盖默认实现。
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [servicecomb-java-chassis] NoComments commented on issue #2158: Consumer调用Producer超时,会暴露内部服务器地址
Posted by GitBox <gi...@apache.org>.
NoComments commented on issue #2158:
URL: https://github.com/apache/servicecomb-java-chassis/issues/2158#issuecomment-750077456
ExceptionFactory已经考虑到某些异常不能直接返回原始异常信息给远端
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [servicecomb-java-chassis] liubao68 commented on issue #2158: Consumer调用Producer超时,会暴露内部服务器地址
Posted by GitBox <gi...@apache.org>.
liubao68 commented on issue #2158:
URL: https://github.com/apache/servicecomb-java-chassis/issues/2158#issuecomment-750041120
edge 应该可以通过 consumer handler 来捕获异常:
```
servicecomb:
handler:
chain:
Consumer:
default: xxx, xxx, xxx
```
实在不行的情况, 只能继承 DefaultEdgeDispatcher并修改部分逻辑 来处理异常了.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [servicecomb-java-chassis] liubao68 edited a comment on issue #2158: Consumer调用Producer超时,会暴露内部服务器地址
Posted by GitBox <gi...@apache.org>.
liubao68 edited a comment on issue #2158:
URL: https://github.com/apache/servicecomb-java-chassis/issues/2158#issuecomment-749507191
这个异常是 TimeoutExceptioinConverter 返回的, 你可以定制和覆盖默认实现。 服务之间调用的消息已经去掉了各种用户输入,不会有信息泄露问题。 但是想这种更加严格的信息泄露要求, 建议产品可以在外部服务(比如网关)做过滤器,防止异常情况下,携带任何内部信息, 不过这样也可能给问题定位带来很大的麻烦。
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [servicecomb-java-chassis] liubao68 edited a comment on issue #2158: Consumer调用Producer超时,会暴露内部服务器地址
Posted by GitBox <gi...@apache.org>.
liubao68 edited a comment on issue #2158:
URL: https://github.com/apache/servicecomb-java-chassis/issues/2158#issuecomment-749507191
这个异常是 [TimeoutExceptionConverter](https://github.com/apache/servicecomb-java-chassis/blob/master/core/src/main/java/org/apache/servicecomb/core/exception/converter/TimeoutExceptionConverter.java) 返回的, 你可以定制和覆盖默认实现。 服务之间调用的消息已经去掉了各种用户输入,不会有信息泄露问题。 但是想这种更加严格的信息泄露要求, 建议产品可以在外部服务(比如网关)做过滤器,防止异常情况下,携带任何内部信息, 不过这样也可能给问题定位带来很大的麻烦。
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [servicecomb-java-chassis] NoComments commented on issue #2158: Consumer调用Producer超时,会暴露内部服务器地址
Posted by GitBox <gi...@apache.org>.
NoComments commented on issue #2158:
URL: https://github.com/apache/servicecomb-java-chassis/issues/2158#issuecomment-750026198
DefaultEdgeDispatcher中并没有包含和RestVertxDispathcer一样的逻辑,并且TimeOutException抛出来的时候,进入不到RestServerCodecFilter中
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [servicecomb-java-chassis] NoComments closed issue #2158: Consumer调用Producer超时,会暴露内部服务器地址
Posted by GitBox <gi...@apache.org>.
NoComments closed issue #2158:
URL: https://github.com/apache/servicecomb-java-chassis/issues/2158
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [servicecomb-java-chassis] wujimin commented on issue #2158: Consumer调用Producer超时,会暴露内部服务器地址
Posted by GitBox <gi...@apache.org>.
wujimin commented on issue #2158:
URL: https://github.com/apache/servicecomb-java-chassis/issues/2158#issuecomment-750034660
filter特性是下个大版本才启用的,请谨慎使用~
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [servicecomb-java-chassis] NoComments commented on issue #2158: Consumer调用Producer超时,会暴露内部服务器地址
Posted by GitBox <gi...@apache.org>.
NoComments commented on issue #2158:
URL: https://github.com/apache/servicecomb-java-chassis/issues/2158#issuecomment-750038085
我其实是在Edge中无法对TimeoutException进行屏蔽
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [servicecomb-java-chassis] NoComments commented on issue #2158: Consumer调用Producer超时,会暴露内部服务器地址
Posted by GitBox <gi...@apache.org>.
NoComments commented on issue #2158:
URL: https://github.com/apache/servicecomb-java-chassis/issues/2158#issuecomment-750033039
TimeoutExceptionconvertor 是不是必须在 servicecomb.filter-chains.enable=true 才生效。目前还没有增加这个配置。
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [servicecomb-java-chassis] NoComments commented on issue #2158: Consumer调用Producer超时,会暴露内部服务器地址
Posted by GitBox <gi...@apache.org>.
NoComments commented on issue #2158:
URL: https://github.com/apache/servicecomb-java-chassis/issues/2158#issuecomment-749964497
2.1.0~2.1.3中不存在TimeoutExceptionConverter这个类
![Uploading image.png…]()
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [servicecomb-java-chassis] NoComments commented on issue #2158: Consumer调用Producer超时,会暴露内部服务器地址
Posted by GitBox <gi...@apache.org>.
NoComments commented on issue #2158:
URL: https://github.com/apache/servicecomb-java-chassis/issues/2158#issuecomment-750764301
非常感谢
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [servicecomb-java-chassis] NoComments commented on issue #2158: Consumer调用Producer超时,会暴露内部服务器地址
Posted by GitBox <gi...@apache.org>.
NoComments commented on issue #2158:
URL: https://github.com/apache/servicecomb-java-chassis/issues/2158#issuecomment-750060270
> edge 应该可以通过 consumer handler 来捕获异常:
>
> ```
> servicecomb:
> handler:
> chain:
> Consumer:
> default: xxx, xxx, xxx
> ```
>
> 实在不行的情况, 只能继承 DefaultEdgeDispatcher并修改部分逻辑 来处理异常了.
对,我也正在看LoadBalancerHandler的逻辑,看看能不能模拟出一个handler屏蔽TransportClientHandler的异常。不过我感觉这
ExceptionFactory中的
如果能通过SPI来扩展,是不是更合理一点。
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [servicecomb-java-chassis] NoComments edited a comment on issue #2158: Consumer调用Producer超时,会暴露内部服务器地址
Posted by GitBox <gi...@apache.org>.
NoComments edited a comment on issue #2158:
URL: https://github.com/apache/servicecomb-java-chassis/issues/2158#issuecomment-750026198
DefaultEdgeDispatcher中并没有包含和RestVertxDispathcer一样的逻辑,所以进入不到Exceptions类中。
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [servicecomb-java-chassis] liubao68 commented on issue #2158: Consumer调用Producer超时,会暴露内部服务器地址
Posted by GitBox <gi...@apache.org>.
liubao68 commented on issue #2158:
URL: https://github.com/apache/servicecomb-java-chassis/issues/2158#issuecomment-749982195
不存在, 加一个就可以了。
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [servicecomb-java-chassis] wujimin commented on issue #2158: Consumer调用Producer超时,会暴露内部服务器地址
Posted by GitBox <gi...@apache.org>.
wujimin commented on issue #2158:
URL: https://github.com/apache/servicecomb-java-chassis/issues/2158#issuecomment-750693464
这应该是个合理诉求,我修改了filter流程:https://github.com/apache/servicecomb-java-chassis/pull/2162
liubao看看当前流程,是不是也改一下
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org