Reputation: 13
I’m new to Ruby/Rails and working on my team’s web app. I am wondering if there is a way to configure the app so that any 5xx HTTP status error will give the client the same generic error message (in an effort to maintain security).
Ideally the configuration will overwrite any new 5xx errors too that may be given messages by future engineers who aren't aware of the security protocol.
Upvotes: 0
Views: 175
Reputation: 106802
Ruby on Rails provides `rescue_from` to catch errors in your application and respond to them with an appropriate error message.
When you want to catch all types of internal server errors, rescuing from `StandardError` might be the best option. Within the method handling the exceptions, you can render an HTML response, a JSON response or redirect the user with an error message depending on your needs and similar to normal controller methods.
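```ruby
# in app/controllers/application_controller.rb
class ApplicationController < ActionController::Base
  # rescue_from takes the handler name via the `with:` option
  rescue_from StandardError, with: :handle_exceptions

  private

  def handle_exceptions(exception)
    render # ...
  end
end
```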
When you really want to catch all types of exceptions then you might want to rescue from `Exception` instead of `StandardError`. But be aware that this will also catch subclasses like `SyntaxError`, `LoadError`, and `Interrupt`.
In all cases I suggest manually logging what exception was handled this way in the controller, to allow making debugging easier.
Upvotes: 1
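An added example, not part of the answer above or of Rails itself: `rescue_from` only sees raised exceptions, so a controller that renders its own detailed 5xx body passes through untouched. This Rack middleware sketch goes beyond the answer by covering both cases; the class name, message text and `x-error-id` header are assumptions, and the sample apps are constructed.

```ruby
require "json"
require "logger"
require "securerandom"

# Hypothetical Rack middleware: every 5xx leaves with the same body.
class GenericServerError
  BODY = JSON.generate({ "error" => "Internal server error" }).freeze

  def initialize(app, logger: Logger.new($stderr))
    @app = app
    @logger = logger
  end

  def call(env)
    status, headers, body = @app.call(env)
    return [status, headers, body] unless status.to_i.between?(500, 599)

    # A handler chose a 5xx itself: keep the status, drop its body.
    detail = +""
    body.each { |chunk| detail << chunk }
    body.close if body.respond_to?(:close)
    generic(status.to_i, "body=#{detail[0, 200].inspect}")
  rescue StandardError => e
    # Unhandled exception: same generic body, plain 500.
    generic(500, "#{e.class}: #{e.message.inspect}")
  end

  private

  # Detail is logged server-side under an id; the client only gets the id.
  def generic(status, detail)
    id = SecureRandom.hex(8)
    @logger.error("error_id=#{id} status=#{status} #{detail}")
    [status, { "content-type" => "application/json", "x-error-id" => id }, [BODY]]
  end
end

# Constructed sample apps: one raises, one renders a detailed 5xx, one is fine.
RAISES  = ->(_env) { raise "PG::ConnectionBad at db-internal:5432" }
LEAKY   = ->(_env) { [503, { "content-type" => "text/plain" }, ["redis timeout 10.0.0.5"]] }
HEALTHY = ->(_env) { [200, { "content-type" => "text/plain" }, ["ok"]] }
```

In a Rails app the class would be registered in `config/application.rb` with `config.middleware.use GenericServerError`, or with `config.middleware.insert_before 0, GenericServerError` to make it the outermost layer.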