refactor(errors): improve generic error template and remove unsafe exception message output

KolesnikovKirill · KolesnikovKirill · commit 67048008174f · 2025-11-16T01:26:59.000+07:00
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -2,6 +2,15 @@
 
 All notable changes to this package are documented in this file.
 
+## [1.1.0] — 2025-11-16
+
+### Changed
+
+-   Improved the generic error template: now only the standard, safe error message corresponding to the HTTP code is displayed.
+-   Removed the display of raw exception messages in page headers (title and h2) to improve security.
+-   Consistent message generation style: strict matching of the HTTP code with predefined text is used.
+-   Updated the footer in the template (Codemonster Errors).
+
 ## [1.0.0] — 2025-11-10
 
 ### Added
diff --git a/resources/views/errors/generic.php b/resources/views/errors/generic.php
@@ -1,11 +1,31 @@
+<?php
+$defaultMessages = [
+    400 => 'Bad Request',
+    401 => 'Unauthorized',
+    403 => 'Forbidden',
+    404 => 'Not Found',
+    405 => 'Method Not Allowed',
+    408 => 'Request Timeout',
+    422 => 'Unprocessable Entity',
+    429 => 'Too Many Requests',
+    500 => 'Internal Server Error',
+    502 => 'Bad Gateway',
+    503 => 'Service Unavailable',
+    504 => 'Gateway Timeout',
+];
+
+$code = $status ?? 500;
+$messageText = $defaultMessages[$code] ?? 'An unexpected error occurred';
+?>
+
 <!DOCTYPE html>
 <html lang="en">
 
 <head>
     <meta charset="UTF-8">
     <title>
         <?= htmlspecialchars($status) ?>
-        — <?= htmlspecialchars($message ?: 'An unexpected error occurred') ?>
+        — <?= htmlspecialchars($messageText) ?>
     </title>
     <style>
         :root {
@@ -34,40 +54,33 @@
             font-size: 52px;
             margin-bottom: 10px;
             color: #007bff;
-            /* Codemonster blue */
         }
 
         h2 {
             font-size: 22px;
             color: #334155;
-            /* slate-700 */
             margin-bottom: 12px;
         }
 
         p {
             color: #64748b;
-            /* slate-500 */
             font-size: 16px;
         }
 
         footer {
             margin-top: 24px;
             color: #94a3b8;
-            /* slate-400 */
             font-size: 13px;
         }
 
-        /* 🌙 Dark theme */
         @media (prefers-color-scheme: dark) {
             body {
                 background: #0a192f;
-                /* deep navy blue */
                 color: #e2e8f0;
             }
 
             h1 {
                 color: #339cff;
-                /* lighter Codemonster blue */
             }
 
             h2 {
@@ -86,32 +99,11 @@
 </head>
 
 <body>
-    <?php
-    $defaultMessages = [
-        400 => 'Bad Request',
-        401 => 'Unauthorized',
-        403 => 'Forbidden',
-        404 => 'Not Found',
-        405 => 'Method Not Allowed',
-        408 => 'Request Timeout',
-        422 => 'Unprocessable Entity',
-        429 => 'Too Many Requests',
-        500 => 'Internal Server Error',
-        502 => 'Bad Gateway',
-        503 => 'Service Unavailable',
-        504 => 'Gateway Timeout',
-    ];
-
-    $code = $status ?? 500;
-    $messageText = $message
-        ?: ($defaultMessages[$code] ?? 'An unexpected error occurred');
-    ?>
-
     <div class="container">
         <h1><?= htmlspecialchars($code) ?></h1>
         <h2><?= htmlspecialchars($messageText) ?></h2>
         <p>Sorry, something went wrong while processing your request.</p>
-        <footer>Codemonster Annabel</footer>
+        <footer>Codemonster Errors</footer>
     </div>
 </body>
 
