Separate server properties for message and errors

Prior to this commit, there was a property server.error.include-details
that allowed configuration of the message and errors attributes in a
server error response.

This commit separates the control of the message and errors attributes
into two separate properties named server.error.include-message and
server.error.include-binding-errors. When the message attribute is
excluded from a servlet response, the value is changed from a
hard-coded text value to an empty value.

Fixes gh-20505

Author: scottfrederick

spring-boot-project/spring-boot-actuator-autoconfigure/src/main/java/org/springframework/boot/actuate/autoconfigure/web/servlet/ManagementErrorEndpoint.java

@@ -53,26 +53,38 @@ public ManagementErrorEndpoint(ErrorAttributes errorAttributes, ErrorProperties
 	@RequestMapping("${server.error.path:${error.path:/error}}")
 	@ResponseBody
 	public Map<String, Object> invoke(ServletWebRequest request) {
-		return this.errorAttributes.getErrorAttributes(request, includeStackTrace(request), includeDetails(request));
+		return this.errorAttributes.getErrorAttributes(request, includeStackTrace(request), includeMessage(request),
+				includeBindingErrors(request));
 	}
 
 	private boolean includeStackTrace(ServletWebRequest request) {
 		switch (this.errorProperties.getIncludeStacktrace()) {
 		case ALWAYS:
 			return true;
-		case ON_TRACE_PARAM:
+		case ON_PARAM:
 			return getBooleanParameter(request, "trace");
 		default:
 			return false;
 		}
 	}
 
-	private boolean includeDetails(ServletWebRequest request) {
-		switch (this.errorProperties.getIncludeDetails()) {
+	private boolean includeMessage(ServletWebRequest request) {
+		switch (this.errorProperties.getIncludeMessage()) {
 		case ALWAYS:
 			return true;
-		case ON_DETAILS_PARAM:
-			return getBooleanParameter(request, "details");
+		case ON_PARAM:
+			return getBooleanParameter(request, "message");
+		default:
+			return false;
+		}
+	}
+
+	private boolean includeBindingErrors(ServletWebRequest request) {
+		switch (this.errorProperties.getIncludeBindingErrors()) {
+		case ALWAYS:
+			return true;
+		case ON_PARAM:
+			return getBooleanParameter(request, "errors");
 		default:
 			return false;
 		}

spring-boot-project/spring-boot-actuator-autoconfigure/src/test/java/org/springframework/boot/actuate/autoconfigure/web/servlet/ManagementErrorEndpointTests.java

@@ -51,16 +51,16 @@ void setUp() {
 	void errorResponseNeverDetails() {
 		ManagementErrorEndpoint endpoint = new ManagementErrorEndpoint(this.errorAttributes, this.errorProperties);
 		Map<String, Object> response = endpoint.invoke(new ServletWebRequest(new MockHttpServletRequest()));
-		assertThat(response).containsEntry("message", "An error occurred while processing the request");
+		assertThat(response).containsEntry("message", "");
 		assertThat(response).doesNotContainKey("trace");
 	}
 
 	@Test
 	void errorResponseAlwaysDetails() {
 		this.errorProperties.setIncludeStacktrace(ErrorProperties.IncludeStacktrace.ALWAYS);
-		this.errorProperties.setIncludeDetails(ErrorProperties.IncludeDetails.ALWAYS);
+		this.errorProperties.setIncludeMessage(ErrorProperties.IncludeAttribute.ALWAYS);
 		this.request.addParameter("trace", "false");
-		this.request.addParameter("details", "false");
+		this.request.addParameter("message", "false");
 		ManagementErrorEndpoint endpoint = new ManagementErrorEndpoint(this.errorAttributes, this.errorProperties);
 		Map<String, Object> response = endpoint.invoke(new ServletWebRequest(this.request));
 		assertThat(response).containsEntry("message", "test exception");
@@ -70,20 +70,20 @@ void errorResponseAlwaysDetails() {
 
 	@Test
 	void errorResponseParamsAbsent() {
-		this.errorProperties.setIncludeStacktrace(ErrorProperties.IncludeStacktrace.ON_TRACE_PARAM);
-		this.errorProperties.setIncludeDetails(ErrorProperties.IncludeDetails.ON_DETAILS_PARAM);
+		this.errorProperties.setIncludeStacktrace(ErrorProperties.IncludeStacktrace.ON_PARAM);
+		this.errorProperties.setIncludeMessage(ErrorProperties.IncludeAttribute.ON_PARAM);
 		ManagementErrorEndpoint endpoint = new ManagementErrorEndpoint(this.errorAttributes, this.errorProperties);
 		Map<String, Object> response = endpoint.invoke(new ServletWebRequest(this.request));
-		assertThat(response).containsEntry("message", "An error occurred while processing the request");
+		assertThat(response).containsEntry("message", "");
 		assertThat(response).doesNotContainKey("trace");
 	}
 
 	@Test
 	void errorResponseParamsTrue() {
-		this.errorProperties.setIncludeStacktrace(ErrorProperties.IncludeStacktrace.ON_TRACE_PARAM);
-		this.errorProperties.setIncludeDetails(ErrorProperties.IncludeDetails.ON_DETAILS_PARAM);
+		this.errorProperties.setIncludeStacktrace(ErrorProperties.IncludeStacktrace.ON_PARAM);
+		this.errorProperties.setIncludeMessage(ErrorProperties.IncludeAttribute.ON_PARAM);
 		this.request.addParameter("trace", "true");
-		this.request.addParameter("details", "true");
+		this.request.addParameter("message", "true");
 		ManagementErrorEndpoint endpoint = new ManagementErrorEndpoint(this.errorAttributes, this.errorProperties);
 		Map<String, Object> response = endpoint.invoke(new ServletWebRequest(this.request));
 		assertThat(response).containsEntry("message", "test exception");
@@ -93,13 +93,13 @@ void errorResponseParamsTrue() {
 
 	@Test
 	void errorResponseParamsFalse() {
-		this.errorProperties.setIncludeStacktrace(ErrorProperties.IncludeStacktrace.ON_TRACE_PARAM);
-		this.errorProperties.setIncludeDetails(ErrorProperties.IncludeDetails.ON_DETAILS_PARAM);
+		this.errorProperties.setIncludeStacktrace(ErrorProperties.IncludeStacktrace.ON_PARAM);
+		this.errorProperties.setIncludeMessage(ErrorProperties.IncludeAttribute.ON_PARAM);
 		this.request.addParameter("trace", "false");
-		this.request.addParameter("details", "false");
+		this.request.addParameter("message", "false");
 		ManagementErrorEndpoint endpoint = new ManagementErrorEndpoint(this.errorAttributes, this.errorProperties);
 		Map<String, Object> response = endpoint.invoke(new ServletWebRequest(this.request));
-		assertThat(response).containsEntry("message", "An error occurred while processing the request");
+		assertThat(response).containsEntry("message", "");
 		assertThat(response).doesNotContainKey("trace");
 	}
 

spring-boot-project/spring-boot-actuator-autoconfigure/src/test/java/org/springframework/boot/actuate/autoconfigure/web/servlet/WebMvcEndpointChildContextConfigurationIntegrationTests.java

@@ -67,14 +67,14 @@ void errorPageAndErrorControllerAreUsed() {
 			ClientResponse response = client.get().uri("actuator/fail").accept(MediaType.APPLICATION_JSON).exchange()
 					.block();
 			Map<Object, Object> body = response.bodyToMono(Map.class).block();
-			assertThat(body).containsEntry("message", "An error occurred while processing the request");
+			assertThat(body).containsEntry("message", "");
 			assertThat(body).doesNotContainKey("trace");
 		});
 	}
 
 	@Test
 	void errorPageAndErrorControllerIncludeDetails() {
-		this.runner.withPropertyValues("server.error.include-stacktrace=always", "server.error.include-details=always")
+		this.runner.withPropertyValues("server.error.include-stacktrace=always", "server.error.include-message=always")
 				.run((context) -> {
 					String port = context.getEnvironment().getProperty("local.management.port");
 					WebClient client = WebClient.create("http://localhost:" + port);

spring-boot-project/spring-boot-actuator/src/test/java/org/springframework/boot/actuate/endpoint/web/annotation/AbstractWebEndpointIntegrationTests.java

@@ -412,7 +412,7 @@ private void load(Consumer<T> contextCustomizer, String endpointPath,
 		contextCustomizer.accept(applicationContext);
 		Map<String, Object> properties = new HashMap<>();
 		properties.put("endpointPath", endpointPath);
-		properties.put("server.error.include-details", "always");
+		properties.put("server.error.include-message", "always");
 		applicationContext.getEnvironment().getPropertySources().addLast(new MapPropertySource("test", properties));
 		applicationContext.refresh();
 		try {

spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/web/ErrorProperties.java

@@ -46,9 +46,14 @@ public class ErrorProperties {
 	private IncludeStacktrace includeStacktrace = IncludeStacktrace.NEVER;
 
 	/**
-	 * When to include "message" and "errors" attributes.
+	 * When to include "message" attribute.
 	 */
-	private IncludeDetails includeDetails = IncludeDetails.NEVER;
+	private IncludeAttribute includeMessage = IncludeAttribute.NEVER;
+
+	/**
+	 * When to include "errors" attribute.
+	 */
+	private IncludeAttribute includeBindingErrors = IncludeAttribute.NEVER;
 
 	private final Whitelabel whitelabel = new Whitelabel();
 
@@ -76,12 +81,20 @@ public void setIncludeStacktrace(IncludeStacktrace includeStacktrace) {
 		this.includeStacktrace = includeStacktrace;
 	}
 
-	public IncludeDetails getIncludeDetails() {
-		return this.includeDetails;
+	public IncludeAttribute getIncludeMessage() {
+		return this.includeMessage;
+	}
+
+	public void setIncludeMessage(IncludeAttribute includeMessage) {
+		this.includeMessage = includeMessage;
 	}
 
-	public void setIncludeDetails(IncludeDetails includeDetails) {
-		this.includeDetails = includeDetails;
+	public IncludeAttribute getIncludeBindingErrors() {
+		return this.includeMessage;
+	}
+
+	public void setIncludeBindingErrors(IncludeAttribute includeMessage) {
+		this.includeMessage = includeMessage;
 	}
 
 	public Whitelabel getWhitelabel() {
@@ -96,39 +109,56 @@ public enum IncludeStacktrace {
 		/**
 		 * Never add stacktrace information.
 		 */
-		NEVER,
+		NEVER(IncludeAttribute.NEVER),
 
 		/**
 		 * Always add stacktrace information.
 		 */
-		ALWAYS,
+		ALWAYS(IncludeAttribute.ALWAYS),
+
+		/**
+		 * Add error attribute when the appropriate request parameter is "true".
+		 */
+		ON_PARAM(IncludeAttribute.ON_PARAM),
 
 		/**
 		 * Add stacktrace information when the "trace" request parameter is "true".
+		 * @deprecated since 2.3.0 in favor of {@link #ON_PARAM}
 		 */
-		ON_TRACE_PARAM
+		@Deprecated
+		ON_TRACE_PARAM(IncludeAttribute.ON_PARAM);
+
+		private final IncludeAttribute include;
+
+		IncludeStacktrace(IncludeAttribute include) {
+			this.include = include;
+		}
+
+		public IncludeAttribute getInclude() {
+			return this.include;
+		}
 
 	}
 
 	/**
-	 * Include error details attributes options.
+	 * Include error attributes options.
 	 */
-	public enum IncludeDetails {
+	public enum IncludeAttribute {
 
 		/**
-		 * Never add error detail information.
+		 * Never add error attribute.
 		 */
 		NEVER,
 
 		/**
-		 * Always add error detail information.
+		 * Always add error attribute.
 		 */
 		ALWAYS,
 
 		/**
-		 * Add error details information when the "details" request parameter is "true".
+		 * Add error attribute when the appropriate request parameter is "true".
 		 */
-		ON_DETAILS_PARAM
+		ON_PARAM
 
 	}
 

spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/web/reactive/error/AbstractErrorWebExceptionHandler.java

@@ -134,24 +134,26 @@ public void setViewResolvers(List<ViewResolver> viewResolvers) {
 	 * @param includeStackTrace whether to include the error stacktrace information
 	 * @return the error attributes as a Map
 	 * @deprecated since 2.3.0 in favor of
-	 * {@link #getErrorAttributes(ServerRequest, boolean, boolean)}
+	 * {@link #getErrorAttributes(ServerRequest, boolean, boolean, boolean)}
 	 */
 	@Deprecated
 	protected Map<String, Object> getErrorAttributes(ServerRequest request, boolean includeStackTrace) {
-		return this.errorAttributes.getErrorAttributes(request, includeStackTrace, false);
+		return this.errorAttributes.getErrorAttributes(request, includeStackTrace, false, false);
 	}
 
 	/**
 	 * Extract the error attributes from the current request, to be used to populate error
 	 * views or JSON payloads.
 	 * @param request the source request
-	 * @param includeStackTrace whether to include the error stacktrace information
-	 * @param includeDetails whether to include message and errors attributes
+	 * @param includeStackTrace whether to include the stacktrace attribute
+	 * @param includeMessage whether to include the message attribute
+	 * @param includeBindingErrors whether to include the errors attribute
 	 * @return the error attributes as a Map
 	 */
 	protected Map<String, Object> getErrorAttributes(ServerRequest request, boolean includeStackTrace,
-			boolean includeDetails) {
-		return this.errorAttributes.getErrorAttributes(request, includeStackTrace, includeDetails);
+			boolean includeMessage, boolean includeBindingErrors) {
+		return this.errorAttributes.getErrorAttributes(request, includeStackTrace, includeMessage,
+				includeBindingErrors);
 	}
 
 	/**
@@ -173,13 +175,23 @@ protected boolean isTraceEnabled(ServerRequest request) {
 	}
 
 	/**
-	 * Check whether the details attribute has been set on the given request.
+	 * Check whether the message attribute has been set on the given request.
+	 * @param request the source request
+	 * @return {@code true} if the message attribute has been requested, {@code false}
+	 * otherwise
+	 */
+	protected boolean isMessageEnabled(ServerRequest request) {
+		return getBooleanParameter(request, "message");
+	}
+
+	/**
+	 * Check whether the errors attribute has been set on the given request.
 	 * @param request the source request
-	 * @return {@code true} if the error details have been requested, {@code false}
+	 * @return {@code true} if the errors attribute has been requested, {@code false}
 	 * otherwise
 	 */
-	protected boolean isDetailsEnabled(ServerRequest request) {
-		return getBooleanParameter(request, "details");
+	protected boolean isBindingErrorsEnabled(ServerRequest request) {
+		return getBooleanParameter(request, "errors");
 	}
 
 	private boolean getBooleanParameter(ServerRequest request, String parameterName) {

spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/web/reactive/error/DefaultErrorWebExceptionHandler.java

@@ -114,8 +114,10 @@ protected RouterFunction<ServerResponse> getRoutingFunction(ErrorAttributes erro
 	 */
 	protected Mono<ServerResponse> renderErrorView(ServerRequest request) {
 		boolean includeStackTrace = isIncludeStackTrace(request, MediaType.TEXT_HTML);
-		boolean includeDetails = isIncludeDetails(request, MediaType.TEXT_HTML);
-		Map<String, Object> error = getErrorAttributes(request, includeStackTrace, includeDetails);
+		boolean includeMessage = isIncludeMessage(request, MediaType.TEXT_HTML);
+		boolean includeBindingErrors = isIncludeBindingErrors(request, MediaType.TEXT_HTML);
+		Map<String, Object> error = getErrorAttributes(request, includeStackTrace, includeMessage,
+				includeBindingErrors);
 		int errorStatus = getHttpStatus(error);
 		ServerResponse.BodyBuilder responseBody = ServerResponse.status(errorStatus).contentType(TEXT_HTML_UTF8);
 		return Flux.just(getData(errorStatus).toArray(new String[] {}))
@@ -143,8 +145,10 @@ private List<String> getData(int errorStatus) {
 	 */
 	protected Mono<ServerResponse> renderErrorResponse(ServerRequest request) {
 		boolean includeStackTrace = isIncludeStackTrace(request, MediaType.ALL);
-		boolean includeDetails = isIncludeDetails(request, MediaType.ALL);
-		Map<String, Object> error = getErrorAttributes(request, includeStackTrace, includeDetails);
+		boolean includeMessage = isIncludeMessage(request, MediaType.ALL);
+		boolean includeBindingErrors = isIncludeBindingErrors(request, MediaType.ALL);
+		Map<String, Object> error = getErrorAttributes(request, includeStackTrace, includeMessage,
+				includeBindingErrors);
 		return ServerResponse.status(getHttpStatus(error)).contentType(MediaType.APPLICATION_JSON)
 				.body(BodyInserters.fromValue(error));
 	}
@@ -155,10 +159,12 @@ protected Mono<ServerResponse> renderErrorResponse(ServerRequest request) {
 	 * @param produces the media type produced (or {@code MediaType.ALL})
 	 * @return if the stacktrace attribute should be included
 	 */
+	@SuppressWarnings("deprecation")
 	protected boolean isIncludeStackTrace(ServerRequest request, MediaType produces) {
 		switch (this.errorProperties.getIncludeStacktrace()) {
 		case ALWAYS:
 			return true;
+		case ON_PARAM:
 		case ON_TRACE_PARAM:
 			return isTraceEnabled(request);
 		default:
@@ -167,17 +173,34 @@ protected boolean isIncludeStackTrace(ServerRequest request, MediaType produces)
 	}
 
 	/**
-	 * Determine if the message and errors attributes should be included.
+	 * Determine if the message attribute should be included.
 	 * @param request the source request
 	 * @param produces the media type produced (or {@code MediaType.ALL})
-	 * @return if the message and errors attributes should be included
+	 * @return if the message attribute should be included
 	 */
-	protected boolean isIncludeDetails(ServerRequest request, MediaType produces) {
-		switch (this.errorProperties.getIncludeDetails()) {
+	protected boolean isIncludeMessage(ServerRequest request, MediaType produces) {
+		switch (this.errorProperties.getIncludeMessage()) {
 		case ALWAYS:
 			return true;
-		case ON_DETAILS_PARAM:
-			return isDetailsEnabled(request);
+		case ON_PARAM:
+			return isMessageEnabled(request);
+		default:
+			return false;
+		}
+	}
+
+	/**
+	 * Determine if the errors attribute should be included.
+	 * @param request the source request
+	 * @param produces the media type produced (or {@code MediaType.ALL})
+	 * @return if the errors attribute should be included
+	 */
+	protected boolean isIncludeBindingErrors(ServerRequest request, MediaType produces) {
+		switch (this.errorProperties.getIncludeBindingErrors()) {
+		case ALWAYS:
+			return true;
+		case ON_PARAM:
+			return isBindingErrorsEnabled(request);
 		default:
 			return false;
 		}