You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@trafficcontrol.apache.org by GitBox <gi...@apache.org> on 2021/03/09 17:47:58 UTC

[GitHub] [trafficcontrol] ocket8888 commented on issue #3946: Hide Exact Nature of Server-side Errors from Clients

ocket8888 commented on issue #3946:
URL: https://github.com/apache/trafficcontrol/issues/3946#issuecomment-794224070


   This is still a problem. DSRCs have an "update" route that returns a 501:
   https://github.com/apache/trafficcontrol/blob/3564c9654d4cd5f27f72d591e9197c4882d953a3/traffic_ops/traffic_ops_golang/deliveryservice/deliveryservices_required_capabilities.go#L167-L170
   
   There are multiple scenarios where OAuth login can return a 502 response
   
   Local user authentication can return a 503 response if it fails to check if the user is allowed to sign in
   
   User authentication can return a 503 response if database connection times out
   
   When a route is disabled in the routing blacklist a 503 response will be returned
   
   `/dbdump` can return a 503 response if no `pg_dump` executable is found on the TO system
   
   Fetching URI Signing keys for a Delivery Service can return a 503 if configuration for Riak is not properly set up
   
   And those are just the cases where an HTTP status code > 500 is returned using its constant name in the `net/http` package. More usages may exist using literal numeric codes.


----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org