Homelab MCP Server

error-sanitization.ts•3.11 KiB

/** * Error message sanitization utilities * * Security: Prevents CWE-209 (Generation of Error Message Containing Sensitive Information) * by redacting sensitive details like file paths, commands, and infrastructure information * from error messages in production mode. * * @see https://cwe.mitre.org/data/definitions/209.html */ /** * Check if running in development mode * Defaults to production (safe) if NODE_ENV is not set */ function isDevelopment(): boolean { return process.env.NODE_ENV === "development"; } /** * Sanitizes error messages based on environment. * * In production: Returns generic message without sensitive details * In development: Returns detailed message for debugging * * Security: CWE-209 prevention - avoid leaking infrastructure details * * @param detailedMessage - Detailed error message (may contain sensitive info) * @param genericMessage - Generic safe error message * @returns Sanitized error message appropriate for current environment * @example * ```typescript * const msg = sanitizeErrorMessage( * "Failed to read SSH key at /home/user/.ssh/id_rsa", * "SSH authentication failed" * ); * // Production: "SSH authentication failed" * // Development: "Failed to read SSH key at /home/user/.ssh/id_rsa" * ``` */ export function sanitizeErrorMessage(detailedMessage: string, genericMessage: string): string { if (isDevelopment()) { return detailedMessage; } return genericMessage; } /** * Redacts file paths from error messages * * @param _path - File path to redact (unused, returns constant) * @returns Redacted path placeholder * @example * ```typescript * sanitizePath("/home/user/.ssh/id_rsa"); // "[REDACTED_PATH]" * ``` */ export function sanitizePath(_path: string): string { return "[REDACTED_PATH]"; } /** * Redacts command strings from error messages * * @param _command - Command string to redact (unused, returns constant) * @returns Redacted command placeholder * @example * ```typescript * sanitizeCommand("rm -rf /"); // "[REDACTED_COMMAND]" * ``` */ export function sanitizeCommand(_command: string): string { return "[REDACTED_COMMAND]"; } /** * Sanitizes an error object for safe logging/display * * In production: Removes stack traces and sensitive details * In development: Preserves all information for debugging * * @param error - Error object to sanitize * @param genericMessage - Generic message to use in production * @returns Sanitized error object * @example * ```typescript * try { * await readKey("/home/user/.ssh/id_rsa"); * } catch (err) { * const safe = sanitizeError(err, "Key read failed"); * console.error(safe); // Safe for production logs * } * ``` */ export function sanitizeError( error: unknown, genericMessage: string ): { message: string; stack?: string } { if (isDevelopment()) { // Development: preserve all error details if (error instanceof Error) { return { message: error.message, stack: error.stack, }; } return { message: String(error), }; } // Production: generic message only, no stack trace return { message: genericMessage, }; }

Loading blob content...

Latest Blog Posts

Redis vs ioredis vs valkey-glide
By punkpeye on January 26, 2026.
benchmark
Redis
valkey
Quickstart: Publish an MCP Server to the MCP Registry
By punkpeye on January 24, 2026.
mcp
official reference mirror
Official MCP Registry Server.json Requirements
By punkpeye on January 24, 2026.
mcp
official reference mirror

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/jmagar/homelab-mcp'

If you have feedback or need assistance with the MCP directory API, please join our Discord server

error-sanitization.ts•3.11 KiB