Class HandlerError

The base class for errors thrown by API route handlers. It extends AuthError.

Because part of the error message can come from the OpenID Connect error query parameter we do some basic escaping which makes sure the default error handler is safe from XSS.

IMPORTANT If you write your own error handler, you should not render the error message without using a templating engine that will properly escape it for other HTML contexts first.

See

  • the cause property contains the underlying error. IMPORTANT When this error is from the Identity Provider (IdentityProviderError) it can contain user input and is only escaped using basic escaping for putting untrusted data directly into the HTML body. You should not render this error without using a templating engine that will properly escape it for other HTML contexts first.
  • the status property contains the HTTP status code of the error, if any.

Hierarchy

Constructors

constructor

Properties

cause? code name status?

Constructors

constructor

Properties

Optional Readonly cause

cause?: Error

The underlying error, if any.

IMPORTANT When this error is from the Identity Provider (IdentityProviderError) it can contain user input and is only escaped using basic escaping for putting untrusted data directly into the HTML body.

You should not render this error without using a templating engine that will properly escape it for other HTML contexts first.

Readonly code

code: string

A machine-readable error code that remains stable within a major version of the SDK. You should rely on this error code to handle errors. In contrast, the error message is not part of the API and can change anytime. Do not parse or otherwise rely on the error message to handle errors.

Readonly name

name: string

The error class name.

Optional Readonly status

status?: number

The HTTP status code, if any.

Settings

Member Visibility

Theme

On This Page