+++ This bug was initially created as a clone of Bug #1191517 +++

When Phusion Passenger fails, it displays environment variables to the user. This ticket is based on this thread: http://stackoverflow.com/questions/27379199/openshift-passenger-shows-env-variables-on-fail

Anything you can do to get passenger to fail will reproduce the issue. These are the steps that I did.

Steps to Reproduce:
1. Migrate a rails app on a Ruby1.9 cartridge to a Ruby 2.0 cartridge where rack version is 1.4.5.

Actual results:

Phusion Passenger fails and shows the user the environment variables & values.

Expected results:

Display a "Something Went Wrong" message to the user and write the error to the log.

Additional info:

This is a scary bug as people can store very sensitive info in environment variables such as secret api keys.

--- Additional comment from Maciej Szulik on 2015-02-13 05:42:50 EST ---

It appears to be a bug in Phussion Passenger we're using, since docs [1] specifically say that PassengerAppEnv set to production, which we do by default, should lead to showing just simple 'Something Went Wrong' error page. To make it working again I've added conditional turning those pages on/off with this PR [2].
This is done for all our ruby carts. 

[1] https://www.phusionpassenger.com/documentation/Users%20guide%20Apache.html#PassengerFriendlyErrorPages
[2] https://github.com/openshift/origin-server/pull/6072

--- Additional comment from openshift-github-bot on 2015-02-13 11:08:35 EST ---

Commits pushed to master at https://github.com/openshift/origin-server

https://github.com/openshift/origin-server/commit/f8704605fba212b3951e9322fb4599d1c57bf321
Bug 1191517 - Passenger is not hiding ErrorPages even when production is
specified. Added additional logic to force hiding ErrorPages when not in
development.

https://github.com/openshift/origin-server/commit/21780f8f48567aa432ab76cee78005af0cf1ff1a
Merge pull request #6072 from soltysh/bug1191517

Merged by openshift-bot

--- Additional comment from Hou Jianwei on 2015-02-15 21:50:43 EST ---

@Steve, could you please provide information on how you made passenger fail in your case? Thank you.

--- Additional comment from Maciej Szulik on 2015-02-16 05:00:50 EST ---

I usually added something along this in config.ru:

map '/error' do                                                               
  raise Error.new
end

That usually was enough to get Phussion error.

--- Additional comment from Hou Jianwei on 2015-02-16 21:20:54 EST ---

Verified on devenv_5433

1. Create a rails app with the rails-example quickstart
rhc create-app rails mysql-5.1 --from-code https://github.com/openshift/rails-example.git
2. Set RAILS_ENV=development
rhc env set RAILS_ENV=development -a rails
3. Add something to the app to get Phussion error according to comment 4
Add following to config.ru, then commit and push updates.
```
map '/error' do                                                               
  raise Error.new
end
```
4. Access $app_url/error, in the page Phusion Passenger listed all the errors
5. Set RAILS_ENV=production, then restart the app
rhc env set RAILS_ENV=production -a rails
rhc app-restart -a rails
6. Access $app_url/error, the page shows 'Internal Server Error, the Phusion Passenger is not displayed.

--- Additional comment from Steve Arnold on 2015-02-24 10:34:56 EST ---

(In reply to Hou Jianwei from comment #3)
> @Steve, could you please provide information on how you made passenger fail
> in your case? Thank you.

I had a rails 3 app on ruby 1.9 with rack version 1.4.5. I took a snapshot and then tried to restore it to a ruby 2.0 cartridge. It failed with some type of rack version error. I don't recall the exact text. Please let me know if you have further questions.