🛡️ Sentinel: [MEDIUM] Fix error message leaking exception details

[socialawy-dev]

🚨 Severity: MEDIUM
💡 Vulnerability: API endpoints returning raw user input and internal exception details in HTTP responses.
🎯 Impact: Could leak internal stack/state or echo unescaped user input.
🔧 Fix: Replaced dynamic details in HTTPException with static messages and added internal logging.
✅ Verification: Ensure tests pass and the f-strings in HTTPException detail have been removed.

---

PR created automatically by Jules for task 7791079199552038347 started by @socialawy

[google-labs-jules]

👋 Jules, reporting for duty! I'm here to lend a hand with this pull request.

When you start a review, I'll add a 👀 emoji to each comment to let you know I've read it. I'll focus on feedback directed at me and will do my best to stay out of conversations between you and other bots or reviewers to keep the noise down.

I'll push a commit with your requested changes shortly after. Please note there might be a delay between these steps, but rest assured I'm on the job!

For more direct control, you can switch me to Reactive Mode. When this mode is on, I will only act on comments where you specifically mention me with @jules. You can find this option in the Pull Request section of your global Jules UI settings. You can always switch back!

New to Jules? Learn more at jules.google/docs.

---

For security, I will only act on instructions from the user who triggered this task.

[gemini-code-assist]

Code Review

This pull request enhances API security by preventing the leakage of internal state and unvalidated user input in error responses. Dynamic details in HTTPException responses have been replaced with static messages, while the specific error details are now captured via internal logging. The review feedback suggests improving these logs by using logger.exception() to capture full stack traces for server errors and utilizing the !r conversion flag to sanitize user-provided strings against log injection vulnerabilities.

[gemini-code-assist]

When logging an exception that results in a 500 Internal Server Error, it is better to use logger.exception() instead of logger.error() with a stringified exception. logger.exception() automatically captures the full stack trace, which is essential for debugging the root cause of the failure while ensuring that internal details remain hidden from the client response.

Suggested change

	logger.error(f"Upload failed: {e}")
	logger.exception("Upload failed")

[gemini-code-assist]

Logging raw user input (request.engine) can lead to log injection vulnerabilities if the input contains newline characters. Since this input is not validated before this point, it should be escaped or sanitized before logging. Using the !r conversion flag in the f-string is a simple and effective way to escape potentially dangerous characters.

Suggested change

	logger.warning(f"Engine '{request.engine}' not found")
	logger.warning(f"Engine {request.engine!r} not found")

[gemini-code-assist]

Similar to the preview endpoint, logging the raw name parameter here poses a log injection risk. It should be escaped to prevent malicious input from corrupting log files or misleading administrators.

Suggested change

	logger.warning(f"Engine '{name}' not found")
	logger.warning(f"Engine {name!r} not found")

[socialawy]

Superseded by #90 (merged ac23b55). The Sentinel/Jules SafeStaticFiles chain was iterating on the same middleware; #90's Path(str(path).lower()) fix addresses the root AttributeError. Closing as duplicate; re-open if a distinct vulnerability emerges.

[google-labs-jules]

Superseded by #90 (merged ac23b55). The Sentinel/Jules SafeStaticFiles chain was iterating on the same middleware; #90's Path(str(path).lower()) fix addresses the root AttributeError. Closing as duplicate; re-open if a distinct vulnerability emerges.

Understood. Acknowledging that this work is now obsolete and stopping work on this task.