You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@sling.apache.org by "Dominique Jäggi (JIRA)" <ji...@apache.org> on 2014/10/14 14:50:34 UTC
[jira] [Created] (SLING-4049) Errorhandling: Allow Configuration of
Displaying Stacktraces/Request Progress
Dominique Jäggi created SLING-4049:
--------------------------------------
Summary: Errorhandling: Allow Configuration of Displaying Stacktraces/Request Progress
Key: SLING-4049
URL: https://issues.apache.org/jira/browse/SLING-4049
Project: Sling
Issue Type: Improvement
Components: Servlets
Reporter: Dominique Jäggi
it should be configurable whether during error display (40x, 50x, etc) stacktraces or the request progress is displayed or not.
for production systems it is undesirable to exhibit information that may allow an attacker to determine internal information such as used scripts, paths, classes, line numbers, etc.
ideally this could be centrally configured, affecting both e.g. the JSP handlers (404.jsp) as well as any other facility outputting error conditions.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)