microsoft / sarif-pattern-matcher

Quality domain agnostic regular expression pattern matcher that persists results to SARIF
MIT License

Require asset information for unhandled exception reporting. #736

Closed michaelcfanning closed 1 year ago

michaelcfanning commented 1 year ago

@LingZhou-gh previously discovered an issue with our unhandled exception reporting, which would report an empty asset name when users failed to provide that argument to ValidatorBase.ReturnUnhandledException:

An unexpected exception was caught attempting to validate '': System.NullReferenceException: Object reference not set to an instance of an object.

The obvious immediate fix is to simply require this parameter, which will prompt us to review all rules to confirm whether we are passing an available asset id. Ideally, this data points to the compromised thing. Only as a fallback should we provide the truncated secret as an asset. We do this to provide some uniqueness to the reporting output, so that users know what credential provoked the unhandled exception.

There is an open item here: we need to find a way to convert certificate data that we process into some identifier. The easiest solution here would be to base64 encode it and take the first 6 characters or so.
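The approach the issue sketches (require an asset identifier, fall back to a truncated secret, and derive a short base64-based identifier from certificate bytes) as an added C# example. This is not the sarif-pattern-matcher project's own code: the helper names BuildMessage, ResolveAssetId and CertificateIdentifier, their parameters, and the sample inputs are assumptions, since the actual ValidatorBase.ReturnUnhandledException signature is not shown here.

```csharp
// Added example, not project code. Builds the unhandled-exception message with a
// mandatory asset identifier so that the '' (empty asset) report cannot occur.
using System;

public static class UnhandledExceptionReporting
{
    // Hypothetical stand-in for ValidatorBase.ReturnUnhandledException.
    public static string BuildMessage(Exception ex, string asset,
                                      string secret = null, byte[] certificateBytes = null)
    {
        string assetId = ResolveAssetId(asset, secret, certificateBytes);
        // Same wording as the message quoted in the issue.
        return $"An unexpected exception was caught attempting to validate '{assetId}': " +
               $"{ex.GetType().FullName}: {ex.Message}";
    }

    // Preference order: the asset the credential points to; otherwise a short
    // identifier derived from certificate bytes; otherwise the truncated secret.
    public static string ResolveAssetId(string asset, string secret, byte[] certificateBytes)
    {
        if (!string.IsNullOrWhiteSpace(asset))
        {
            return asset;
        }

        if (certificateBytes != null && certificateBytes.Length > 0)
        {
            return CertificateIdentifier(certificateBytes);
        }

        if (!string.IsNullOrEmpty(secret))
        {
            return Truncate(secret, 6);
        }

        // Refuse to emit a report with no way to tell the reader which
        // credential provoked the exception.
        throw new ArgumentException(
            "An asset identifier, or a secret/certificate to derive one from, is required.",
            nameof(asset));
    }

    // Issue's suggestion for certificates: base64 encode and keep the first 6 characters.
    public static string CertificateIdentifier(byte[] certificateBytes)
    {
        string encoded = Convert.ToBase64String(certificateBytes);
        return Truncate(encoded, 6);
    }

    private static string Truncate(string value, int length)
    {
        return value.Length <= length ? value : value.Substring(0, length) + "...";
    }

    public static void Main()
    {
        // Constructed sample inputs.
        var ex = new NullReferenceException("Object reference not set to an instance of an object.");

        Console.WriteLine(BuildMessage(ex, asset: "https://example.invalid/storage-account"));
        Console.WriteLine(BuildMessage(ex, asset: null, secret: "constructed-secret-value-0123"));
        Console.WriteLine(BuildMessage(ex, asset: null,
            certificateBytes: new byte[] { 0x30, 0x82, 0x01, 0x0a, 0x02, 0x82 })); // constructed DER-like prefix

        try
        {
            BuildMessage(ex, asset: "");
        }
        catch (ArgumentException e)
        {
            Console.WriteLine("Rejected: " + e.Message);
        }
    }
}
```

The empty-asset call is rejected up front rather than producing the `validate ''` message from the issue. The 6-character cutoff follows the issue's suggestion; if writing even a prefix of a live credential into a report is a concern, the same Truncate call can be applied to a hash of the secret instead of the secret itself, which keeps the uniqueness the issue wants without exposing credential material.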