Node.js Web Application does not handle unhandledRejection - Vulnerability Database

Description

Node.js applications that do not implement a handler for the unhandledRejection event are vulnerable to unexpected termination. This event is emitted when a Promise is rejected without an attached error handler. Without proper handling, Node.js will print the stack trace to stderr and terminate the process with exit code 1, causing application downtime. Implementing a global handler for unhandled promise rejections ensures graceful error handling and prevents abrupt service interruptions.

Remediation

Implement a global handler for the unhandledRejection event in your Node.js application to prevent unexpected termination and ensure proper error logging. Add the following code early in your application's entry point (e.g., app.js or server.js):

process.on('unhandledRejection', (reason, promise) => {
  console.error('Unhandled Rejection at:', promise, 'reason:', reason);
  // Log the error to your logging system
  // Optionally implement graceful shutdown or recovery logic
  // Do NOT exit the process unless absolutely necessary
});

Additionally, review your codebase to identify promises without proper error handling and add .catch() blocks or use try-catch with async/await:

// Using .catch()
myPromise()
  .then(result => handleResult(result))
  .catch(error => handleError(error));

// Using async/await with try-catch
async function myFunction() {
  try {
    const result = await myPromise();
    handleResult(result);
  } catch (error) {
    handleError(error);
  }
}

Ensure all promise rejections are properly caught and handled at the appropriate level in your application to prevent them from bubbling up to the global handler.
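
A fuller version of the global handler described above, as an added example (not Invicti's code): it turns any rejection reason, Error or not, into a structured log record and calls a shutdown callback when rejections repeat within a time window. The names installRejectionHandler, toRecord, log, onTooMany, limit and windowMs are assumptions made for this example; only process.on('unhandledRejection') and process.off are Node.js APIs.

```javascript
// Added example; helper and option names are hypothetical.

// Build a log record from a rejection reason. A promise can be rejected
// with any value (string, undefined, object), not only an Error.
function toRecord(reason, now = Date.now()) {
  const isError = reason instanceof Error;
  return {
    time: new Date(now).toISOString(),
    event: 'unhandledRejection',
    name: isError ? reason.name : typeof reason,
    message: isError ? reason.message : String(reason),
    stack: isError ? reason.stack : undefined,
  };
}

// Register the global handler. `log` receives one record per rejection;
// `onTooMany` is called once `limit` rejections fall inside `windowMs`.
function installRejectionHandler({ log, onTooMany, limit = 5, windowMs = 60000 }) {
  let recent = []; // timestamps of rejections inside the sliding window
  const handler = (reason) => {
    const now = Date.now();
    log(toRecord(reason, now));
    recent = recent.filter((t) => now - t < windowMs);
    recent.push(now);
    // Repeated rejections suggest broken state: hand control to a
    // graceful-shutdown routine rather than running on indefinitely.
    if (recent.length >= limit) {
      recent = [];
      onTooMany(limit, windowMs);
    }
  };
  process.on('unhandledRejection', handler);
  return () => process.off('unhandledRejection', handler); // uninstall
}

// Usage at the entry point (app.js or server.js), before other modules load:
//   installRejectionHandler({
//     log: (rec) => console.error(JSON.stringify(rec)),
//     onTooMany: () => { /* stop accepting requests, close connections */ },
//   });
```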
