You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@tomcat.apache.org by vi...@apache.org on 2014/05/08 09:55:35 UTC

svn commit: r1593200 - /tomcat/trunk/webapps/docs/security-howto.xml

Author: violetagg
Date: Thu May  8 07:55:35 2014
New Revision: 1593200

URL: http://svn.apache.org/r1593200
Log:
Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=56383
Document ErrorReportValve's new property 'showReport' on the "security HowTO" page.

Modified:
    tomcat/trunk/webapps/docs/security-howto.xml

Modified: tomcat/trunk/webapps/docs/security-howto.xml
URL: http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/security-howto.xml?rev=1593200&r1=1593199&r2=1593200&view=diff
==============================================================================
--- tomcat/trunk/webapps/docs/security-howto.xml (original)
+++ tomcat/trunk/webapps/docs/security-howto.xml Thu May  8 07:55:35 2014
@@ -362,7 +362,9 @@
 
       <p>The default ErrorReportValve can display stack traces and/or JSP
       source code to clients when an error occurs. To avoid this, custom error
-      handling can be configured within each web application.</p>
+      handling can be configured within each web application. Alternatively, you
+      can explicitly configure an <a href="config/valve.html">ErrorReportValve</a>
+      and set its <strong>showReport</strong> attribute to <code>false</code>.</p>
     </subsection>
 
     <subsection name="Realms">



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org