Closed fabriciojs closed 3 years ago
Heya, since this is more of a request to change the current behavior I'm moving this to the ideas repo.
On the issue at hand: I'm a bit torn myself. I think I also more lean to making it a 400 instead. You're free to attempt a PR if you want. This would need to go into master as it's a breaking change. Please make sure you're very thorough in your PR description. Thanks
Hello @driesvints !
I have been looking into this trying to format a PR. But I reached a point I believe it is best we discuss first what to do:
What we know:
The SuspiciousOperationException
is not thrown anywhere in the Laravel code itself. It is something we expect might come mainly from Symfony HTTP Foundation classes.
Back in 5.8, it was this PR 28866 that introduced the "don't report" and exchange of SuspiciousOperationException
to NotFoundHttpException
.
Even @taylorotwell participated in that discussion and was convinced at the time it was OK to "hide" the exception for a 404, with the argument that no real user should ever see this error as the application.
Later in version 7.x the TrustHosts middleware was introduced, which became active by default in Laravel 8 (I believe). The middleware will basically proxy the app.url
config to the request object.
The advent of the middleware by default working only for non-test and non-local environments makes with that real users will legitimately face this error disguised as a 404 only for production/testing deployments (like it was my case for a healthcheck request that won't support custom domain - AWS ELB). This is not an ideal Developer Experience.
Given the situation laid out above, my suggestion would be to compromise between the spirit from PR 28866 was made and the practical acknowledgment that hiding out SuspiciousOperationException
behind a 404 is not ideal and more observability should be given here.
Ideas on what to do:
SuspiciousOperationException
be translated to a HttpException(400, 'Bad request', $e)
instead of NotFoundHttpException
on Illuminate\Foundation\Exceptions\Handler::prepareException
.local
environment as well - this would make developers aware of its existence and role.SuspiciousOperationException
from $internalDontReport
.Illuminate\Foundation\Exceptions\Handler::report
implementation in case shouldntReport()
is true, we should still look for the previous exception for possibly reporting that one (maybe recursively).or
I am not sure about how big is the impact of this - as well as how much of a share of Laravel 8.x applications have made to the production
environment already. I do believe that the semantics needs to be improved for TrustHosts to bring the value it proposes.
Hey @fabriciojs. I've talked this over with the team and at this time we're not going to take any actions here and leave things be. In the past we've already experimented with adjusting the behavior here and it broke a few things for us on Forge. This could potential have another big impact. So we're not keen to make changes here, sorry.
We are going to try to document the usage of TrustHosts
soon.
Thanks for raising this.
Description:
If the APP_ENV is set to
production
theTrustHosts
middleware, in case of failure, will raise aSuspiciousOperationException
exception which will be translated to aNotFoundHttpException
exception with a clear messageBad hostname provided
.The problem is that NONE of these details reach the user, nor logs are generated, as the response is nothing else but a standard 404.
This is very, very, very misleading, at the point I decided to open this report. Is it fair to say that the expected behavior here would be a more semantic response? Like a 400. That by itself should improve observability in this situation.
The broader context here to imagine the impact is:
health check
tools (i.e in my case AWS ELB) will not allow you to set a specifichost
to be used for the healthcheck.Steps To Reproduce:
production
Proposed Solution
Can we stop translating this into a
NotFoundHttpException
and then make it return a 400 instead?