
Fix Improper Error Handling in Grape

Grape APIs often bleed internal state through unhandled exceptions. Default behavior leaks stack traces, database schema details, and logic flows. To lock this down, we must implement a global exception handler that sanitizes responses while maintaining internal observability.

The Vulnerable Pattern

    class API < Grape::API
      format :json

      resource :users do
        get ':id' do
          # Vulnerable: raw exceptions (e.g. PG::Error) bubble up to the client,
          # revealing table names, query structure, or stack traces.
          User.find(params[:id])
        end
      end
    end

The Secure Implementation

Stop leaking your stack. The 'rescue_from' block is your primary shield. By targeting ':all', you intercept any 'StandardError' that would otherwise trigger a default 500 page or a JSON trace dump. Always separate internal logging (which should be verbose) from client responses (which should be opaque). Use 'error!' to return clean, structured JSON responses with appropriate HTTP status codes, so attackers cannot use your error messages to map your infrastructure.

    class API < Grape::API
      format :json

      # 1. Global catch-all to prevent info leakage
      rescue_from :all do |e|
        # Log the real error internally for your eyes only
        API.logger.error("[FATAL] #{e.class.name}: #{e.message}")

        # Return a sanitized response to the client
        error!({ error: 'Internal Server Error', code: 500 }, 500)
      end

      # 2. Specific handler for expected business logic errors
      rescue_from ActiveRecord::RecordNotFound do |e|
        error!({ error: 'Resource not found', code: 404 }, 404)
      end

      resource :users do
        get ':id' do
          User.find(params[:id])
        end
      end
    end
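The split above (verbose internal log, opaque client body, specific handlers before the catch-all) can be exercised without a Grape app, a database or ActiveRecord. The following is an added example written for this page, not GuardAPI's or Grape's code: `SanitizedErrorHandler`, the stand-in exceptions `RecordNotFound` and `DatabaseError`, and the `leaks_exception?` check are all assumed names constructed here. It adds one thing the snippet above does not show: a correlation id in the client response, so an operator can find the full log line without the response carrying any detail.

```ruby
require 'json'
require 'logger'
require 'securerandom'
require 'stringio'

# Hypothetical stand-ins for exceptions a Grape endpoint might raise, constructed
# for this example so it runs without Grape, ActiveRecord or a database.
class RecordNotFound < StandardError; end
class DatabaseError < StandardError; end

# Added example (not GuardAPI's or Grape's code): the same split the article
# describes, one verbose internal log line per failure and one opaque client
# response, without depending on the Grape gem.
class SanitizedErrorHandler
  # Expected business errors get a specific status and a fixed, non-revealing message,
  # like the ActiveRecord::RecordNotFound handler above.
  EXPECTED = {
    RecordNotFound => [404, 'Resource not found']
  }.freeze

  # Everything else falls through to the catch-all, like `rescue_from :all`.
  FALLBACK = [500, 'Internal Server Error'].freeze

  def initialize
    @log_io = StringIO.new
    @logger = Logger.new(@log_io)
  end

  # Runs the endpoint body; returns [status, body_hash] on success or failure.
  def call
    [200, yield]
  rescue StandardError => e
    handle(e)
  end

  # Everything an operator needs, kept server-side only.
  def internal_log
    @log_io.string
  end

  private

  def handle(e)
    # Correlation id: lets support locate the verbose log line from the opaque
    # response without the response itself revealing anything about the failure.
    ref = SecureRandom.hex(8)
    match = EXPECTED.find { |klass, _| e.is_a?(klass) }
    status, message = match ? match.last : FALLBACK

    # Internal: class, message and first backtrace frame, for your eyes only.
    @logger.error("[#{ref}] #{e.class.name}: #{e.message} at #{Array(e.backtrace).first}")

    # Client: fixed message, status code and the correlation id. Never e.message.
    [status, { error: message, code: status, ref: ref }]
  end
end

# Check that a client body carries nothing taken from the exception itself
# (class name or message); useful as a unit test on your own handlers.
def leaks_exception?(body, e)
  text = body.values.map(&:to_s).join(' ')
  text.include?(e.class.name) || text.include?(e.message)
end
```

Pair the handler with a test like the one a practitioner would keep in CI: raise an exception whose message contains a table name, assert the client body is the fixed message only, and assert the internal log contains both the original message and the `ref` returned to the client.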
