Pass 500/Exception handlers to both error middlewares

[faroukBakari]

Summary

This PR fixes the long-standing issue where custom 500 and Exception handlers are excluded from ExceptionMiddleware, causing them to bypass the user middleware stack (including CORSMiddleware).

Problem

Currently in build_middleware_stack(), handlers for 500 and Exception are special-cased to only pass to ServerErrorMiddleware and are excluded from ExceptionMiddleware:

for key, value in self.exception_handlers.items():
    if key in (500, Exception):
        error_handler = value
    else:
        exception_handlers[key] = value  # 500/Exception never added here

This causes:

• CORS headers missing on 500 responses (browsers can't read error details)
• Logging/monitoring middleware cannot track 500 errors
• Correlation ID middleware headers stripped from error responses
• Inconsistent behavior: 404 errors pass through middleware, 500 errors don't

Solution

Remove the else clause so 500/Exception handlers are passed to both middlewares:

for key, value in self.exception_handlers.items():
    if key in (500, Exception):
        error_handler = value
    exception_handlers[key] = value  # Now always added

This allows:

1. ExceptionMiddleware to handle the exception first (inside user middleware stack)
2. ServerErrorMiddleware to act as a fallback for truly unhandled exceptions

Related Issues

This addresses the root cause of many long-standing issues:

Starlette:

• Fixes Custom 500 or Exception handlers do not run through middleware like other handled exceptions. #1175 - Custom 500/Exception handlers don't run through middleware
• Fixes Error are not reported using CORS middleware #1116 - CORS headers missing on errors

FastAPI (downstream impact):

• Resolves cors and error status 500 and handle it in frontend fastapi/fastapi#775 / Discussion #7847
• Resolves Unable to catch Exception via exception_handlers since FastAPI 0.70.0 fastapi/fastapi#4025 / Discussion #8647
• Resolves Custom Exception not being catch python-FastAPI fastapi/fastapi#2094 / Discussion #7315
• Resolves CORS headers on exception handler responses fastapi/fastapi#457
• Resolves CORS middleware not working !  fastapi/fastapi#5263
• Resolves HTTP_500_INTERNAL_SERVER_ERROR cause a CORS error on frontend fastapi/fastapi#4071

Backward Compatibility

• Debug mode: ServerErrorMiddleware still provides debug tracebacks as fallback
• No handler registered: Behavior unchanged (ServerErrorMiddleware handles it)
• Handler registered: Now runs through middleware stack first, with ServerErrorMiddleware as safety net

[Kludex]

This is not a bug.

All the pointed issues are closed.