do not propagate IOException from the MetricsServlet #4832

vladak · 2025-08-29T08:31:47Z

Fixes an issue found by SonarCube:

Catching exceptions within the servlet allows us to convert them into meaningful, user-friendly messages. Otherwise, failing to catch exceptions will propagate them to the servlet container, where the default error-handling mechanism may impact the overall security and stability of the server.

vladak added the webapp web application label Aug 29, 2025

oracle-contributor-agreement bot added the OCA Verified All contributors have signed the Oracle Contributor Agreement. label Aug 29, 2025

do not propagate IOException from the servlet

50fa08a

vladak force-pushed the servlet_vs_exception branch from b4c9563 to 50fa08a Compare August 29, 2025 08:32

vladak changed the title ~~do not propagate IOException from the servlet~~ do not propagate IOException from the MetricsServlet Aug 29, 2025

vladak merged commit 6ac452e into oracle:master Aug 29, 2025
10 checks passed

vladak deleted the servlet_vs_exception branch August 29, 2025 09:05

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

do not propagate IOException from the MetricsServlet #4832

do not propagate IOException from the MetricsServlet #4832

Uh oh!

vladak commented Aug 29, 2025

Uh oh!

Uh oh!

Uh oh!

do not propagate IOException from the MetricsServlet #4832

do not propagate IOException from the MetricsServlet #4832

Uh oh!

Conversation

vladak commented Aug 29, 2025

Uh oh!

Uh oh!

Uh oh!