Please remove me from receipient list. Get Outlook for iOS<https://aka.ms/o0ukef> ________________________________ From: Colm O hEigeartaigh <cohei...@apache.org> Sent: Friday, May 17, 2024 6:39:29 PM To: dev@activemq.apache.org <dev@activemq.apache.org> Subject: Disable stack traces on HTTP Transport
[You don't often get email from cohei...@apache.org. Learn why this is important at https://aka.ms/LearnAboutSenderIdentification ] CAUTION: This e-mail originated from outside of Mox Bank. Do not click links or open attachments unless you recognise the source of the e-mail and know the contents are safe. Hi, Is there a way to disable stack traces being returned with the HTTP Transport. Using 5.18.x I configure AMQ with <transportConnector name="http" uri="http://localhost:12345"/ Then with curl if I post some XML data I get: <html> <head> <meta http-equiv="Content-Type" content="text/html;charset=ISO-8859-1"/> <title>Error 500 com.thoughtworks.xstream.security.ForbiddenClassException: jdk.nashorn.internal.objects.NativeString</title> </head> <body><h2>HTTP ERROR 500 com.thoughtworks.xstream.security.ForbiddenClassException: jdk.nashorn.internal.objects.NativeString</h2> <table> <tr><th>URI:</th><td>/</td></tr> <tr><th>STATUS:</th><td>500</td></tr> <tr><th>MESSAGE:</th><td>com.thoughtworks.xstream.security.ForbiddenClassException: jdk.nashorn.internal.objects.NativeString</td></tr> <tr><th>SERVLET:</th><td>org.apache.activemq.transport.http.HttpTunnelServlet-1fdca564</td></tr> <tr><th>CAUSED BY:</th><td>com.thoughtworks.xstream.security.ForbiddenClassException: jdk.nashorn.internal.objects.NativeString</td></tr> </table> <h3>Caused by:</h3><pre>com.thoughtworks.xstream.security.ForbiddenClassException: jdk.nashorn.internal.objects.NativeString at com.thoughtworks.xstream.security.NoTypePermission.allows(NoTypePermission.java:26) etc. It's a bad practice from a security point of view to return detailed error messages to clients. I didn't see an obvious way of turning this off though. Colm. This email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please delete all copies and notify the sender immediately. You may wish to refer to the incorporation details of Mox Bank Limited at mox.com which is a subsidiary of the Standard Chartered PLC group. Please refer to https://mox.com/legal-documents/privacy/ for Mox Bank Limited's Privacy Policy.
