restrict the maximum length of the X-Debug-Exception header

xabbuh · xabbuh · commit 458efa7d8ef5 · 2024-07-17T16:17:24.000+02:00
diff --git a/src/Symfony/Component/ErrorHandler/ErrorRenderer/HtmlErrorRenderer.php b/src/Symfony/Component/ErrorHandler/ErrorRenderer/HtmlErrorRenderer.php
@@ -72,7 +72,7 @@ public function render(\Throwable $exception): FlattenException
     {
         $headers = ['Content-Type' => 'text/html; charset='.$this->charset];
         if (\is_bool($this->debug) ? $this->debug : ($this->debug)($exception)) {
-            $headers['X-Debug-Exception'] = rawurlencode($exception->getMessage());
+            $headers['X-Debug-Exception'] = rawurlencode(substr($exception->getMessage(), 0, 2000));
             $headers['X-Debug-Exception-File'] = rawurlencode($exception->getFile()).':'.$exception->getLine();
         }
 
diff --git a/src/Symfony/Component/ErrorHandler/ErrorRenderer/SerializerErrorRenderer.php b/src/Symfony/Component/ErrorHandler/ErrorRenderer/SerializerErrorRenderer.php
@@ -58,7 +58,7 @@ public function render(\Throwable $exception): FlattenException
         $headers = ['Vary' => 'Accept'];
         $debug = \is_bool($this->debug) ? $this->debug : ($this->debug)($exception);
         if ($debug) {
-            $headers['X-Debug-Exception'] = rawurlencode($exception->getMessage());
+            $headers['X-Debug-Exception'] = rawurlencode(substr($exception->getMessage(), 0, 2000));
             $headers['X-Debug-Exception-File'] = rawurlencode($exception->getFile()).':'.$exception->getLine();
         }
 

Original file line number	Diff line number	Diff line change
`@@ -72,7 +72,7 @@ public function render(\Throwable $exception): FlattenException`
`72`	`72`	`{`
`73`	`73`	`$headers = ['Content-Type' => 'text/html; charset='.$this->charset];`
`74`	`74`	`if (\is_bool($this->debug) ? $this->debug : ($this->debug)($exception)) {`
`75`		`- $headers['X-Debug-Exception'] = rawurlencode($exception->getMessage());`
	`75`	`+ $headers['X-Debug-Exception'] = rawurlencode(substr($exception->getMessage(), 0, 2000));`
`76`	`76`	`$headers['X-Debug-Exception-File'] = rawurlencode($exception->getFile()).':'.$exception->getLine();`
`77`	`77`	`}`
`78`	`78`
Original file line number	Diff line number	Diff line change
`@@ -58,7 +58,7 @@ public function render(\Throwable $exception): FlattenException`
`58`	`58`	`$headers = ['Vary' => 'Accept'];`
`59`	`59`	`$debug = \is_bool($this->debug) ? $this->debug : ($this->debug)($exception);`
`60`	`60`	`if ($debug) {`
`61`		`- $headers['X-Debug-Exception'] = rawurlencode($exception->getMessage());`
	`61`	`+ $headers['X-Debug-Exception'] = rawurlencode(substr($exception->getMessage(), 0, 2000));`
`62`	`62`	`$headers['X-Debug-Exception-File'] = rawurlencode($exception->getFile()).':'.$exception->getLine();`
`63`	`63`	`}`
`64`	`64`