From 5bb53b73b959d90e05bdd48a124bc4d202cf6315 Mon Sep 17 00:00:00 2001
From: Richard Tibbles
Date: Wed, 13 May 2026 13:13:20 -0700
Subject: [PATCH] fix(security): stop returning exception details in HTTP responses
Addresses CodeQL "Information exposure through an exception" findings in views/subscription.py and viewsets/channel.py. Logs the traceback server side via logger.exception so Sentry still captures it.
Co-Authored-By: Claude Opus 4.7 (1M context)
---
 .../contentcuration/views/subscription.py | 12 ++++++------
 contentcuration/contentcuration/viewsets/channel.py | 5 +++--
 2 files changed, 9 insertions(+), 8 deletions(-)
diff --git a/contentcuration/contentcuration/views/subscription.py b/contentcuration/contentcuration/views/subscription.py
index 784ba29798..6645875b43 100644
--- a/contentcuration/contentcuration/views/subscription.py
+++ b/contentcuration/contentcuration/views/subscription.py
@@ -79,9 +79,9 @@ def post(self, request):
 return Response({"checkout_url": session.url})
- except stripe.error.StripeError as e:
- logger.error(f"Stripe error creating checkout session: {e}")
- return Response({"error": str(e)}, status=400)
+ except stripe.error.StripeError:
+ logger.exception("Stripe error creating checkout session")
+ return Response({"error": "Unable to create checkout session"}, status=400)
 class CreatePortalSessionView(APIView):
@@ -105,9 +105,9 @@ def post(self, request):
 )
 return Response({"portal_url": session.url})
- except stripe.error.StripeError as e:
- logger.error(f"Stripe error creating portal session: {e}")
- return Response({"error": str(e)}, status=400)
+ except stripe.error.StripeError:
+ logger.exception("Stripe error creating portal session")
+ return Response({"error": "Unable to create portal session"}, status=400)
 class SubscriptionStatusView(APIView):
diff --git a/contentcuration/contentcuration/viewsets/channel.py b/contentcuration/contentcuration/viewsets/channel.py
index 46d6d063e8..6d2890d0be 100644
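Review bot: Both rewritten handlers keep `status=400` for every `stripe.error.StripeError`, which reports Stripe-side failures — `AuthenticationError` from a misconfigured key, `APIConnectionError`, `RateLimitError` — as client errors and hides a payment-provider outage from anyone alerting on 5xx rates. Of the errors that can occur when creating a checkout or portal session, only `InvalidRequestError` is plausibly the caller's fault, and only if the session parameters are built from the request body, which lies outside these hunks. Consider catching `stripe.error.InvalidRequestError` first with the existing 400, and changing the general handler's line to `return Response({"error": "Unable to create checkout session"}, status=502)` (same for the portal handler), each branch keeping its own `logger.exception` call. Replacing `str(e)` with a fixed message is the right fix here, since Stripe error strings can carry request IDs, parameter names and account details. Both `post` methods begin before their hunks.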
--- a/contentcuration/contentcuration/viewsets/channel.py
+++ b/contentcuration/contentcuration/viewsets/channel.py
@@ -468,8 +468,9 @@ def create(self, request, *args, **kwargs):
 try:
 self.perform_create(serializer)
- except IntegrityError as e:
- return Response({"error": str(e)}, status=409)
+ except IntegrityError:
+ logging.exception("Integrity error creating channel")
+ return Response({"error": "Channel could not be created"}, status=409)
 instance = serializer.instance
 Change.create_change(
 generate_create_event(
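Review bot: The added `logging.exception("Integrity error creating channel")` goes through the root logger via the `logging` module, whereas the sibling change in views/subscription.py uses a module-level `logger`; no `import logging` is added by this patch, so unless channel.py already imports it (not visible here) the error path raises `NameError` instead of the intended 409, and that would only surface when an IntegrityError actually fires. Prefer `logger.exception("Integrity error creating channel")` with `logger = logging.getLogger(__name__)` at module top if the file lacks one, so the record carries the module name and follows the project's per-module log configuration. Separately, `IntegrityError` also covers NOT NULL, foreign-key and check-constraint violations, so a blanket 409 Conflict is only accurate for the uniqueness case and is worth a short comment stating that assumption. `create` begins before the hunk and continues after it.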