You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@sling.apache.org by "Dominique Jäggi (JIRA)" <ji...@apache.org> on 2014/10/14 14:50:34 UTC

[jira] [Created] (SLING-4049) Errorhandling: Allow Configuration of Displaying Stacktraces/Request Progress

Dominique Jäggi created SLING-4049:
--------------------------------------

             Summary: Errorhandling: Allow Configuration of Displaying Stacktraces/Request Progress
                 Key: SLING-4049
                 URL: https://issues.apache.org/jira/browse/SLING-4049
             Project: Sling
          Issue Type: Improvement
          Components: Servlets
            Reporter: Dominique Jäggi


it should be configurable whether during error display (40x, 50x, etc) stacktraces or the request progress is displayed or not. 

for production systems it is undesirable to exhibit information that may allow an attacker to determine internal information such as used scripts, paths, classes, line numbers, etc.

ideally this could be centrally configured, affecting both e.g. the JSP handlers (404.jsp) as well as any other facility outputting error conditions.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)