Over-riding Catalyst's finalize

LittleJack has asked for the wisdom of the Perl Monks concerning the following question:

I would like to have a different Catalyst error page for unexpected code errors. The default (non-debug) one only says "please come back later" in 11 European languages.

This is generated by hardcoded HTML HEREDOCs in finalize_error, which is an internal method.

Obviously the worst thing to do would be to hack into that code inside Catalyst::Engine and the best thing to do would probably be to use this: https://metacpan.org/pod/Catalyst::Plugin::CustomErrorMessage, but I'm curious. Should I have been able to hack my own finalize_error method into Catalyst?

I tried adding my own raw output code to the main .pm file for my site (the one which has use Catalyst in it) along the lines of

print "Content-type: text/html\n\n<p>error</p>";
[download]

but the browser didn't output anything.

Then I tried adding my own hacked version of the proper internal method, along the lines of:

sub finalize_error {
    my ( $self, $c ) = @_;
 
    $c->res->content_type('text/html; charset=utf-8');
    $c->res->body( '<p>error</p>' );
    $c->res->status(500);

}
[download]

But it told me $c was undefined.

Should I have been able to do this, and if so how and where?

TIA

Comment on Over-riding Catalyst's finalize_error method Select or Download Code

Replies are listed 'Best First'.
Re: Over-riding Catalyst's finalize_error method by Your Mother (Archbishop) on May 17, 2021 at 02:33 UTC
Ragged, semi-tested; been a long time I really stepped through this so consider this cargo-culting and refer to the docs; Catalyst::Action::RenderView. This idiom is common and useful if you don’t go to the trouble of getting the Plugin::CustomErrorMessage stuff set up. # In MyApp::Controller::Root… sub render :ActionClass("RenderView") {} sub end :Private { my ( $self, $c ) = @_; return if $c->response->body; # Stop, good or bad, it's been rende +red. $c->forward("render"); # Send to RenderView. # If there was an error in the render above, process it and just o +utput the error. if ( my @err = @{ $c->error } ) { $c->log->error("Error: " . join(", ", @err)); $c->response->status(503); $c->response->body("There was an unrecoverable error: " . joi +n(", ", @err)); # ^^^ Could contain user input like XSS attacks, so naļve/dang +erous as shown. # Echoing errors is a security problem in itself. $c->clear_errors; } } [download] Update 20211102: added a comment about danger of echoing errors and insecurity of sample code.	[reply] [d/l]

Replies are listed 'Best First'.

Re: Over-riding Catalyst's finalize_error method
by Your Mother (Archbishop) on May 17, 2021 at 02:33 UTC

Ragged, semi-tested; been a long time I really stepped through this so consider this cargo-culting and refer to the docs; Catalyst::Action::RenderView. This idiom is common and useful if you don’t go to the trouble of getting the Plugin::CustomErrorMessage stuff set up.

# In MyApp::Controller::Root…

sub render :ActionClass("RenderView") {}

sub end :Private {
    my ( $self, $c ) = @_;
    return if $c->response->body; # Stop, good or bad, it's been rende
+red.
    $c->forward("render"); # Send to RenderView.

    # If there was an error in the render above, process it and just o
+utput the error.
    if ( my @err = @{ $c->error } )
    {
        $c->log->error("Error: " . join(", ", @err));
        $c->response->status(503);
        $c->response->body("There was an unrecoverable error: " .  joi
+n(", ", @err));
        # ^^^ Could contain user input like XSS attacks, so naļve/dang
+erous as shown.
        # Echoing errors is a security problem in itself.
        $c->clear_errors;
    }
}
[download]

Update 20211102: added a comment about danger of echoing errors and insecurity of sample code.

[reply]
[d/l]