From 02cf86fcd47e8d203defa3cf3a7cdf245f416af2 Mon Sep 17 00:00:00 2001
From: Calin Crisan <ccrisan@gmail.com>
Date: Mon, 23 Jun 2014 20:07:10 +0300
Subject: [PATCH] tracebacks are no longer sent to the client

---
 src/handlers.py | 47 +++++++++++++++++++++++++++--------------------
 src/server.py   |  1 +
 2 files changed, 28 insertions(+), 20 deletions(-)

diff --git a/src/handlers.py b/src/handlers.py
index c3cb531..f454862 100644
--- a/src/handlers.py
+++ b/src/handlers.py
@@ -19,7 +19,6 @@ import base64
 import json
 import logging
 import os
-import sys
 
 from tornado.web import RequestHandler, HTTPError, asynchronous
 
@@ -90,26 +89,20 @@ class BaseHandler(RequestHandler):
 
         return None
     
-    def _handle_request_exception(self, e):
-        # don't send a traceback to the client
-        if isinstance(e, HTTPError):
-            if e.log_message:
-                format = "%d %s: " + e.log_message
-                args = [e.status_code, self._request_summary()] + list(e.args)
-                logging.warning(format, *args)
-            
-            status_code = e.status_code
-
-        else:
-            logging.error('Uncaught exception %s\n%r', self._request_summary(), self.request, exc_info=True)
-            
-            status_code = 500
-            
+    def _handle_request_exception(self, exception):
         try:
-            self.send_error(status_code, exc_info=sys.exc_info())
-        
-        except Exception as e:
-            logging.warning('could not send error to client: %(msg)s' % {'msg': unicode(e)})
+            if isinstance(exception, HTTPError):
+                logging.error(str(exception))
+                self.set_status(exception.status_code)
+                self.finish_json({'error': exception.log_message or getattr(exception, 'reason', None) or str(exception)})
+            
+            else:
+                logging.error(str(exception), exc_info=True)
+                self.set_status(500)
+                self.finish_json({'error':  'internal server error'})
+                
+        except RuntimeError:
+            pass # nevermind
         
     @staticmethod
     def auth(admin=False, prompt=True):
@@ -132,6 +125,20 @@ class BaseHandler(RequestHandler):
         
         return decorator
 
+    def get(self, *args, **kwargs):
+        raise HTTPError(400, 'method not allowed')
+
+    def post(self, *args, **kwargs):
+        raise HTTPError(400, 'method not allowed')
+
+
+class NotFoundHandler(BaseHandler):
+    def get(self):
+        raise HTTPError(404, 'not found')
+
+    def post(self):
+        raise HTTPError(404, 'not found')
+
 
 class MainHandler(BaseHandler):
     @BaseHandler.auth()
diff --git a/src/server.py b/src/server.py
index 2dd0288..3d6064e 100644
--- a/src/server.py
+++ b/src/server.py
@@ -49,6 +49,7 @@ application = Application(
         (r'^/movie/(?P<camera_id>\d+)/(?P<op>list)/?$', handlers.MovieHandler),
         (r'^/movie/(?P<camera_id>\d+)/(?P<op>download|preview)/(?P<filename>.+)/?$', handlers.MovieHandler),
         (r'^/update/?$', handlers.UpdateHandler),
+        (r'^.*$', handlers.NotFoundHandler),
     ],
     debug=True, # enables autoreload
     log_function=log_request,
-- 
2.39.5