ChilliCream / graphql-platform

Welcome to the home of the Hot Chocolate GraphQL server for .NET, the Strawberry Shake GraphQL client for .NET and Banana Cake Pop the awesome Monaco based GraphQL IDE.
https://chillicream.com
MIT License
5.24k stars 744 forks source link

Don't return server-oriented, implementation-leaking error messages for client errors #7133

Open cmeeren opened 5 months ago

cmeeren commented 5 months ago

Product

Hot Chocolate

Is your feature request related to a problem?

Consider for example this error:

https://github.com/ChilliCream/graphql-platform/blob/7d21adab765fffad291f22255db1102fed39234e/src/HotChocolate/Core/src/Execution/Properties/Resources.resx#L202

Any client can trivially produce this error by e.g. supplying an invalid value for a GUID field, which results in this message:

"Unable to convert the value of the argument id to System.Guid. Check if the requested type is correct or register a custom type converter."

There are two problems with this:

The solution you'd like

Messages that are oriented toward API clients and which do not leak implementation details.

cmeeren commented 5 months ago

Note that the type name in this specific case is also present in extensions.

cmeeren commented 5 months ago

Another thing: I see in ExecutionDiagnosticEventListener that this error triggers ResolverError. Shouldn't it instead trigger ValidationErrors?

Triggering ResolverError is cumbersome for us because we assume ResolveError indicates a server error in the resolver, and are logging that as errors, but client errors should not be logged as errors since the server is not at fault.

michaelstaib commented 5 months ago

ResolveError is correct as it is happening during execution. The GraphQL spec distinguishes very clearly here. The error is also thrown by the resolver context.

michaelstaib commented 5 months ago

I will have to have a look at error cases a bit on this one. This is kind of a catch clause at the end. We can make the error less telling but at dev time it should be as it is today. On production however the error could be more generic.

cmeeren commented 5 months ago

On production however the error could be more generic.

That would be great!

ResolveError is correct as it is happening during execution. The GraphQL spec distinguishes very clearly here. The error is also thrown by the resolver context.

Sure! 👍 Then I merely wish for a reliable way to distinguish between server and client errors in ResolverError, so that I can log server errors properly while not getting spammed with client errors.