Prevent internal errors from being returned to ACME clients

2026-01-28 02:18:28 +00:00 · 2023-07-28 14:39:35 +02:00
parent 979e0f8f51
commit d5dd8feccd
1 changed files with 6 additions and 0 deletions
--- a/acme/errors.go
+++ b/acme/errors.go
@@ -309,6 +309,12 @@ func (e *Error) AddSubproblems(subproblems ...Subproblem) *Error {
 // to the existing (default) ACME error detail, providing
 // more information to the ACME client.
 func (e *Error) WithAdditionalErrorDetail() *Error {
+	// prevent internal server errors from disclosing
+	// the internal error to the client.
+	if e.Status >= 500 {
+		return e
+	}
+
 	e.Detail = fmt.Sprintf("%s: %s", e.Detail, e.Err)
 	return e
 }