Hacker News new | ask | show | jobs
by Globz 2799 days ago
Do they encrypt the server side error stack trace?

500 Internal Server Error Sorry, something went wrong.

A team of highly trained monkeys has been dispatched to deal with this situation.

If you see them, send them this information as text (screenshots frighten them): APkpgMWbWQ3LvimPoFynDB0W8VeUJ9ECiPcDCm8L0Qiku1I2TbAShWp- taKn-AzOGigwq0sU4oe9mbWb2Bwv4BK37C5xOAL7qm11fHn4L0swqhLk wbcnyKH2HM3AQNf-ucVsolyigJTNKA2SSNUMVZnDPmfsFH7ecKkpQmNi VGWhtXypv0zJyz9d_mpkgMoONtIrPUA4imxK-gNnE-_WQWQZNJm0CTae slJVC-TYgnvOZ9AYp6nodeUNpCoGspWaJVXn_ZSxy-71oGdlkCqWs6AY 2wmIEKe8eeAMqwkTHZNHkbAaH-fxWE_WDPuG-q7AFbOz8jZCFD06MYgf obFUSaH6B7PUdBFwVvjEaTD34J8PVhZTIJziRK-9-wSHOI6Vwf1lTuFe X0m52abRMW1VJaZB3taHK09kFT8Lv546OPhsL0Bn70UIs2durkAAYe4Z ...
4 comments
meowface 2799 days ago
Yes, they do. Pretty clever idea, I think.
link
Globz 2799 days ago
Yes I agree, encrypting the stack trace enable them to share sensitive server side error codes to the client which in return can be easily reported back without having to explain anything or try to decode cryptic custom error messages.

This is fantastic!

link
jtchang 2799 days ago
I actually thought it was a bit jarring. Mostly because I don't know what personal information it might be collecting and having me send them.
link
shawnz 2799 days ago
Well, it's information collected at the server side. So if they really wanted they could just store the data and give you a code, but that would require more storage on their end.
link
ReverseCold 2798 days ago
(sorry for the sarcasm but...)

Oh no! YouTube needs to store a few kb of text! How will they have enough space?

link
pkulak 2798 days ago
Well, it obviously only happens when something goes wrong. Seems valuable to keep the complexity and external dependencies of your error handing to a minimum.
link
agumonkey 2799 days ago
Also probably a unique hash too
link
joshstrange 2799 days ago
I too would like to know more about this such as is it encrypted by any know method (ex: pgp)? It's rather brilliant if it's an encrypted stack trace or similar. I imagine it might even contain info about who the user is as well (if logged in or tracked via cookie) to help them debug it more.
link
devxpy 2798 days ago
Why does this look like a problem for https://sentry.io
link
nickthemagicman 2799 days ago
Thats prob base64 and your IP might be in the decoded string.
link
zamadatix 2799 days ago
Messing around with it for a minute it seems it's a modified base64 (+ and / are replaced by - and _) with a space every 56 characters. I couldn't get any permutation where a-z, A-Z, 0-9, and -_/_- were consistent so it's either encrypted or one of 1,268,869,321,858,841,641,034,33,389,335,161,480,802,865,516,174,545,192,198,801,894,375,214,704,230,400,000,000,000,000 permutations of the encoding alphabet (or I messed up the decoding).
link
dx87 2799 days ago
The modified base64 is probably just URL encoding https://en.wikipedia.org/wiki/Base64#URL_applications
link