🚨 Severity: MEDIUM
💡 Vulnerability: Information Exposure (CWE-209)
- The web dashboard returned raw exception messages to users, potentially leaking internal details (stack traces, file paths, sensitive info).
- This violated the principle of "Fail Securely".
🎯 Impact:
- Attackers could glean information about the internal file structure or database errors to facilitate further attacks.
🔧 Fix:
- Configured `logging` to capture errors securely to stderr (standard practice for containerized apps).
- Updated `dashboard()` and `get_cached_markdown` to log the full exception traceback server-side.
- Changed user-facing response to a generic "Internal Server Error" (500).
✅ Verification:
- Added unit test `test_dashboard_error_handling` in `scripts/test_web_dashboard.py`.
- Verified that the test passes: `python scripts/test_web_dashboard.py`.
- Confirmed that the response body contains "Internal Server Error" and does NOT contain the mock secret.
- Added daisy.ns.cloudflare.com and rocco.ns.cloudflare.com to Cloudflare guide.
- Unified domain name to lengkundee01.org in CNAME and PWA guide.
- Verified active domain using dig.
- Updated sentinel journal with documentation learnings.
- Changed `check_authorized` in `scripts/telegram_deploy_bot.py` to fail closed (deny all) if `TELEGRAM_ALLOWED_USER_IDS` is unset or empty.
- Updated `scripts/TELEGRAM_BOT_SETUP.md` and `QUICK_DEPLOY.md` to document that `TELEGRAM_ALLOWED_USER_IDS` is now mandatory for bot access.
- Added Sentinel Journal entry in `.jules/sentinel.md` documenting the vulnerability and learning.
- Verified fix with reproduction script.
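
A fail-closed allowlist check of the kind described for `check_authorized`, as an added example that is not the repository's own code. The comma-separated numeric ID format, the `parse_allowed_ids` helper and the `environ` parameter are assumptions made for illustration.

```python
import os

ENV_VAR = "TELEGRAM_ALLOWED_USER_IDS"  # variable name taken from the commit message


def parse_allowed_ids(raw):
    """Parse a comma-separated list of numeric IDs (format is an assumption).

    Returns an empty set for None, empty, or whitespace-only input.
    Non-numeric entries (for example "*") are dropped, never treated as wildcards.
    """
    if not raw:
        return frozenset()
    ids = set()
    for part in raw.split(","):
        part = part.strip()
        if part.isascii() and part.isdigit():
            ids.add(int(part))
    return frozenset(ids)


def check_authorized(user_id, environ=None):
    """Fail closed: an unset, empty or unparsable allowlist authorizes nobody."""
    environ = os.environ if environ is None else environ
    allowed = parse_allowed_ids(environ.get(ENV_VAR))
    if not allowed:
        # No usable allowlist means deny all, not allow all.
        return False
    # Reject non-int values explicitly; bool is excluded because True == 1.
    if not isinstance(user_id, int) or isinstance(user_id, bool):
        return False
    return user_id in allowed


if __name__ == "__main__":
    # Constructed sample environments, not real user IDs.
    for env in ({}, {ENV_VAR: ""}, {ENV_VAR: "*"}, {ENV_VAR: "7, 42"}):
        print(env, "->", check_authorized(42, env))
```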