search

hapijs / boom

HTTP-friendly error objects
Other
2.94k stars 192 forks source link

Badly implemented Boom like class can cause runtime error #305

Open matthieusieben opened 11 months ago

matthieusieben commented 11 months ago

Runtime

na

Runtime version

na

Module version

all

Last module version without issue

?

Used with

standalone

Any other relevant information

No response

What are you trying to achieve or the steps to reproduce?

const BadBoom = class extends Error { isBoom = true; };
Boom.isBoom(new BadBoom()); // true
Boom.isBoom(new BadBoom(), 404); // Cannot read properties of undefined (reading 'statusCode')

What was the result you got?

An error because err.output is undefined in the BadBoom instance

What result did you expect?

I know that isBoom is meant to work with object created only with any version of the @hapi/boom package but it could at least ensure that err.output is an object and that err.output.statusCode is a number.

What do you think ?

kanongil commented 11 months ago

I agree in principle, but in practice this won't ever matter.

Anyway, given a fix can be a single added ?, I won't mind it being added:

return err instanceof Error && !!err.isBoom && (!statusCode || err.output?.statusCode === statusCode);