Follow

I've seen this kind of code more times I'd want to take:

rescue => e
Rails.logger.error(e)
render json: { errors: e.message },
status: :internal_server_error
end

Capture all the possible exceptions. Why? Is it really needed or convenient?

Do not report the error back to the client, it open a big door to exploits.

Log everything? Looks like a good idea, but it might leak things like tokens, secrets(?) or PII.

If you see on the wild, ask questions, might had a reason.

Sign in to participate in the conversation
Ruby.social

A Mastodon instance for Rubyists & friends