Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Information exposure alert through an exception #1543

Open
arpitjain099 opened this issue Aug 8, 2024 · 0 comments · May be fixed by #1545
Open

Information exposure alert through an exception #1543

arpitjain099 opened this issue Aug 8, 2024 · 0 comments · May be fixed by #1545
Labels
bug Something isn't working

Comments

@arpitjain099
Copy link

arpitjain099 commented Aug 8, 2024
edited
Loading

Describe the bug

Stack trace information flows to this location and may be exposed to an external user.

Affected line -

evals/evals/elsuite/multistep_web_tasks/docker/flask-playwright/app.py

Line 191 in 234bcde

jsonify({"status": "error", "message": f"error executing command {command}: {e}"}),

evals/evals/elsuite/multistep_web_tasks/docker/flask-playwright/app.py

Lines 164 to 170 in 234bcde

response = jsonify(
{
"status": "success",
"message": f"could not return results of executed commands {request.json['commands']}",
"content": str(e),
"url": page.url,
}

evals/evals/elsuite/multistep_web_tasks/docker/flask-playwright/app.py

Lines 119 to 124 in 234bcde

response = jsonify(
{
"status": "success",
"message": f"could not return results of executed commands {request.json['command']}",
"content": str(e),
"url": page.url,

evals/evals/elsuite/multistep_web_tasks/docker/flask-playwright/app.py

Lines 61 to 65 in 234bcde

except Exception as e:
return jsonify(
{"status": "error", "message": f"failed to start session (already started?): {e}"}
)
return jsonify({"status": "success", "message": "session started"})

To Reproduce

evals/evals/elsuite/multistep_web_tasks/docker/flask-playwright/app.py

Line 191 in 234bcde

jsonify({"status": "error", "message": f"error executing command {command}: {e}"}),

evals/evals/elsuite/multistep_web_tasks/docker/flask-playwright/app.py

Lines 164 to 170 in 234bcde

response = jsonify(
{
"status": "success",
"message": f"could not return results of executed commands {request.json['commands']}",
"content": str(e),
"url": page.url,
}

evals/evals/elsuite/multistep_web_tasks/docker/flask-playwright/app.py

Lines 119 to 124 in 234bcde

response = jsonify(
{
"status": "success",
"message": f"could not return results of executed commands {request.json['command']}",
"content": str(e),
"url": page.url,

evals/evals/elsuite/multistep_web_tasks/docker/flask-playwright/app.py

Lines 61 to 65 in 234bcde

except Exception as e:
return jsonify(
{"status": "error", "message": f"failed to start session (already started?): {e}"}
)
return jsonify({"status": "success", "message": "session started"})

Code snippets

https://github.com/openai/evals/blob/234bcde34b5951233681455faeb92baaaef97573/evals/elsuite/multistep_web_tasks/docker/flask-playwright/app.py#L191-L191

https://github.com/openai/evals/blob/234bcde34b5951233681455faeb92baaaef97573/evals/elsuite/multistep_web_tasks/docker/flask-playwright/app.py#L164-L170

https://github.com/openai/evals/blob/234bcde34b5951233681455faeb92baaaef97573/evals/elsuite/multistep_web_tasks/docker/flask-playwright/app.py#L119-L124

https://github.com/openai/evals/blob/234bcde34b5951233681455faeb92baaaef97573/evals/elsuite/multistep_web_tasks/docker/flask-playwright/app.py#L61-L65

OS

macOS

Python version

3.11.4

Library version

1.40.1
@arpitjain099 arpitjain099 added the bug Something isn't working label Aug 8, 2024
@arpitjain099 arpitjain099 linked a pull request Aug 8, 2024 that will close this issue
Open
13 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Fix Information exposure alert through an exception #1543 arpitjain099/evals
1 participant
@arpitjain099