Skip to content

Commit f8b5323

Browse files
kamil-tekielakamil-tekiela
committed
Sanitize full path in error message
Signed-off-by: Kamil Tekiela <tekiela246@gmail.com>
1 parent 0cdbaf1 commit f8b5323

1 file changed

Lines changed: 8 additions & 3 deletions

File tree

src/Error/ErrorHandler.php

Lines changed: 8 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -24,7 +24,10 @@
2424
use function function_exists;
2525
use function htmlspecialchars;
2626
use function sprintf;
27+
use function str_contains;
28+
use function str_replace;
2729

30+
use const DIRECTORY_SEPARATOR;
2831
use const E_COMPILE_ERROR;
2932
use const E_COMPILE_WARNING;
3033
use const E_CORE_ERROR;
@@ -224,10 +227,8 @@ public function handleError(
224227
*/
225228
public function handleException(Throwable $exception): void
226229
{
227-
$message = $exception::class . ': ' . $exception->getMessage();
228-
229230
$this->addError(
230-
$message,
231+
$exception::class . ': ' . $exception->getMessage(),
231232
(int) $exception->getCode(),
232233
$exception->getFile(),
233234
$exception->getLine(),
@@ -258,6 +259,10 @@ public function addError(
258259
int $errline,
259260
bool $escape = true,
260261
): void {
262+
if (str_contains($errstr, ROOT_PATH)) {
263+
$errstr = str_replace(ROOT_PATH, '.' . DIRECTORY_SEPARATOR, $errstr);
264+
}
265+
261266
if ($escape) {
262267
$errstr = htmlspecialchars($errstr);
263268
}

0 commit comments

Comments
 (0)