chore: apply pending code updates
This commit is contained in:
@@ -74,7 +74,8 @@ def register_exception_handlers(app: FastAPI) -> None:
|
||||
) -> JSONResponse:
|
||||
"""Handle authentication errors (401)."""
|
||||
logger.warning(
|
||||
f"Authentication error: {exc.message}",
|
||||
"Authentication error: %s",
|
||||
exc.message,
|
||||
extra={"details": exc.details, "path": str(request.url.path)},
|
||||
)
|
||||
return JSONResponse(
|
||||
@@ -94,7 +95,8 @@ def register_exception_handlers(app: FastAPI) -> None:
|
||||
) -> JSONResponse:
|
||||
"""Handle authorization errors (403)."""
|
||||
logger.warning(
|
||||
f"Authorization error: {exc.message}",
|
||||
"Authorization error: %s",
|
||||
exc.message,
|
||||
extra={"details": exc.details, "path": str(request.url.path)},
|
||||
)
|
||||
return JSONResponse(
|
||||
@@ -114,7 +116,8 @@ def register_exception_handlers(app: FastAPI) -> None:
|
||||
) -> JSONResponse:
|
||||
"""Handle validation errors (422)."""
|
||||
logger.info(
|
||||
f"Validation error: {exc.message}",
|
||||
"Validation error: %s",
|
||||
exc.message,
|
||||
extra={"details": exc.details, "path": str(request.url.path)},
|
||||
)
|
||||
return JSONResponse(
|
||||
@@ -134,7 +137,8 @@ def register_exception_handlers(app: FastAPI) -> None:
|
||||
) -> JSONResponse:
|
||||
"""Handle bad request errors (400)."""
|
||||
logger.info(
|
||||
f"Bad request error: {exc.message}",
|
||||
"Bad request error: %s",
|
||||
exc.message,
|
||||
extra={"details": exc.details, "path": str(request.url.path)},
|
||||
)
|
||||
return JSONResponse(
|
||||
@@ -154,7 +158,8 @@ def register_exception_handlers(app: FastAPI) -> None:
|
||||
) -> JSONResponse:
|
||||
"""Handle not found errors (404)."""
|
||||
logger.info(
|
||||
f"Not found error: {exc.message}",
|
||||
"Not found error: %s",
|
||||
exc.message,
|
||||
extra={"details": exc.details, "path": str(request.url.path)},
|
||||
)
|
||||
return JSONResponse(
|
||||
@@ -174,7 +179,8 @@ def register_exception_handlers(app: FastAPI) -> None:
|
||||
) -> JSONResponse:
|
||||
"""Handle conflict errors (409)."""
|
||||
logger.info(
|
||||
f"Conflict error: {exc.message}",
|
||||
"Conflict error: %s",
|
||||
exc.message,
|
||||
extra={"details": exc.details, "path": str(request.url.path)},
|
||||
)
|
||||
return JSONResponse(
|
||||
@@ -194,7 +200,8 @@ def register_exception_handlers(app: FastAPI) -> None:
|
||||
) -> JSONResponse:
|
||||
"""Handle rate limit errors (429)."""
|
||||
logger.warning(
|
||||
f"Rate limit exceeded: {exc.message}",
|
||||
"Rate limit exceeded: %s",
|
||||
exc.message,
|
||||
extra={"details": exc.details, "path": str(request.url.path)},
|
||||
)
|
||||
return JSONResponse(
|
||||
@@ -214,7 +221,8 @@ def register_exception_handlers(app: FastAPI) -> None:
|
||||
) -> JSONResponse:
|
||||
"""Handle generic API exceptions."""
|
||||
logger.error(
|
||||
f"API error: {exc.message}",
|
||||
"API error: %s",
|
||||
exc.message,
|
||||
extra={
|
||||
"error_code": exc.error_code,
|
||||
"details": exc.details,
|
||||
@@ -238,12 +246,13 @@ def register_exception_handlers(app: FastAPI) -> None:
|
||||
) -> JSONResponse:
|
||||
"""Handle unexpected exceptions."""
|
||||
logger.exception(
|
||||
f"Unexpected error: {str(exc)}",
|
||||
"Unexpected error: %s",
|
||||
str(exc),
|
||||
extra={"path": str(request.url.path)},
|
||||
)
|
||||
|
||||
# Log full traceback for debugging
|
||||
logger.debug(f"Traceback: {traceback.format_exc()}")
|
||||
logger.debug("Traceback: %s", traceback.format_exc())
|
||||
|
||||
# Return generic error response for security
|
||||
return JSONResponse(
|
||||
|
||||
@@ -315,11 +315,11 @@ class RequestSanitizationMiddleware(BaseHTTPMiddleware):
|
||||
None if malicious content detected, sanitized value otherwise
|
||||
"""
|
||||
if self.check_sql_injection and self._check_sql_injection(value):
|
||||
logger.warning(f"Potential SQL injection detected: {value[:100]}")
|
||||
logger.warning("Potential SQL injection detected: %s", value[:100])
|
||||
return None
|
||||
|
||||
if self.check_xss and self._check_xss(value):
|
||||
logger.warning(f"Potential XSS detected: {value[:100]}")
|
||||
logger.warning("Potential XSS detected: %s", value[:100])
|
||||
return None
|
||||
|
||||
return value
|
||||
@@ -341,7 +341,7 @@ class RequestSanitizationMiddleware(BaseHTTPMiddleware):
|
||||
content_type
|
||||
and not any(ct in content_type for ct in self.allowed_content_types)
|
||||
):
|
||||
logger.warning(f"Unsupported content type: {content_type}")
|
||||
logger.warning("Unsupported content type: %s", content_type)
|
||||
return JSONResponse(
|
||||
status_code=415,
|
||||
content={"detail": "Unsupported Media Type"},
|
||||
@@ -350,7 +350,7 @@ class RequestSanitizationMiddleware(BaseHTTPMiddleware):
|
||||
# Check request size
|
||||
content_length = request.headers.get("content-length")
|
||||
if content_length and int(content_length) > self.max_request_size:
|
||||
logger.warning(f"Request too large: {content_length} bytes")
|
||||
logger.warning("Request too large: %s bytes", content_length)
|
||||
return JSONResponse(
|
||||
status_code=413,
|
||||
content={"detail": "Request Entity Too Large"},
|
||||
@@ -361,7 +361,7 @@ class RequestSanitizationMiddleware(BaseHTTPMiddleware):
|
||||
if isinstance(value, str):
|
||||
sanitized = self._sanitize_value(value)
|
||||
if sanitized is None:
|
||||
logger.warning(f"Malicious query parameter detected: {key}")
|
||||
logger.warning("Malicious query parameter detected: %s", key)
|
||||
return JSONResponse(
|
||||
status_code=400,
|
||||
content={"detail": "Malicious request detected"},
|
||||
@@ -372,7 +372,7 @@ class RequestSanitizationMiddleware(BaseHTTPMiddleware):
|
||||
if isinstance(value, str):
|
||||
sanitized = self._sanitize_value(value)
|
||||
if sanitized is None:
|
||||
logger.warning(f"Malicious path parameter detected: {key}")
|
||||
logger.warning("Malicious path parameter detected: %s", key)
|
||||
return JSONResponse(
|
||||
status_code=400,
|
||||
content={"detail": "Malicious request detected"},
|
||||
|
||||
Reference in New Issue
Block a user