Skip to content

Information exposure alert through an exception #1543

New issue
New issue
Open
#1545
Open
Information exposure alert through an exception#1543
#1545
Labels
bugSomething isn't working
@arpitjain099

Description

@arpitjain099
arpitjain099
opened on Aug 8, 2024

Describe the bug

Stack trace information flows to this location and may be exposed to an external user.

Affected line -

evals/evals/elsuite/multistep_web_tasks/docker/flask-playwright/app.py

Line 191 in 234bcde

jsonify({"status": "error", "message": f"error executing command {command}: {e}"}),

evals/evals/elsuite/multistep_web_tasks/docker/flask-playwright/app.py

Lines 164 to 170 in 234bcde

response = jsonify(
{
"status": "success",
"message": f"could not return results of executed commands {request.json['commands']}",
"content": str(e),
"url": page.url,
}

evals/evals/elsuite/multistep_web_tasks/docker/flask-playwright/app.py

Lines 119 to 124 in 234bcde

response = jsonify(
{
"status": "success",
"message": f"could not return results of executed commands {request.json['command']}",
"content": str(e),
"url": page.url,

evals/evals/elsuite/multistep_web_tasks/docker/flask-playwright/app.py

Lines 61 to 65 in 234bcde

except Exception as e:
return jsonify(
{"status": "error", "message": f"failed to start session (already started?): {e}"}
)
return jsonify({"status": "success", "message": "session started"})

To Reproduce

evals/evals/elsuite/multistep_web_tasks/docker/flask-playwright/app.py

Line 191 in 234bcde

jsonify({"status": "error", "message": f"error executing command {command}: {e}"}),

evals/evals/elsuite/multistep_web_tasks/docker/flask-playwright/app.py

Lines 164 to 170 in 234bcde

response = jsonify(
{
"status": "success",
"message": f"could not return results of executed commands {request.json['commands']}",
"content": str(e),
"url": page.url,
}

evals/evals/elsuite/multistep_web_tasks/docker/flask-playwright/app.py

Lines 119 to 124 in 234bcde

response = jsonify(
{
"status": "success",
"message": f"could not return results of executed commands {request.json['command']}",
"content": str(e),
"url": page.url,

evals/evals/elsuite/multistep_web_tasks/docker/flask-playwright/app.py

Lines 61 to 65 in 234bcde

except Exception as e:
return jsonify(
{"status": "error", "message": f"failed to start session (already started?): {e}"}
)
return jsonify({"status": "success", "message": "session started"})

Code snippets

https://github.com/openai/evals/blob/234bcde34b5951233681455faeb92baaaef97573/evals/elsuite/multistep_web_tasks/docker/flask-playwright/app.py#L191-L191

https://github.com/openai/evals/blob/234bcde34b5951233681455faeb92baaaef97573/evals/elsuite/multistep_web_tasks/docker/flask-playwright/app.py#L164-L170

https://github.com/openai/evals/blob/234bcde34b5951233681455faeb92baaaef97573/evals/elsuite/multistep_web_tasks/docker/flask-playwright/app.py#L119-L124

https://github.com/openai/evals/blob/234bcde34b5951233681455faeb92baaaef97573/evals/elsuite/multistep_web_tasks/docker/flask-playwright/app.py#L61-L65

OS

macOS

Python version

3.11.4

Library version

1.40.1

Activity

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Metadata

Assignees

No one assigned

    Labels

    bugSomething isn't working

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions