Thanks, folks! Excellent catch - we should not decide whether to allow it or not, but rather make it configurable.
On Tue, Sep 19, 2017 at 10:43 AM, Alexey Goncharuk <alexey.goncha...@gmail.com> wrote:

> I think the protocol should allow both, and the behavior should be either
> configurable or enabled via a system property. Every web server known to me
> allows exposing this information for debugging purposes.
>
> 2017-09-19 10:20 GMT+03:00 Vladimir Ozerov <voze...@gridgain.com>:
>
> > Igniters,
> >
> > We had a discussion about how to propagate error information from cluster
> > nodes to the client. My opinion is that we should pass a kind of vendor
> > code plus an optional error message, if the vendor code is not very specific.
> >
> > An alternative idea is to pass the whole stack trace as well. I agree that
> > this is very useful for debugging purposes, but on the other hand IMO it
> > imposes a security risk. By sending invalid requests to the server, a user might
> > get sensitive information about server configuration, such as its version,
> > version of the underlying database, frameworks etc. This information may
> > help an attacker to apply some version-specific attacks. This is the precise
> > reason why default error pages of web servers with stack traces are always
> > replaced with some stubs.
> >
> > This is why I think we should not include stack traces.
> >
> > What do you think?
> >
> > Vladimir.
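
The design discussed in this thread (vendor code, optional message, stack trace sent only when configured), as an added Java example that is not part of the thread and not Ignite code. The class name, property name and vendor codes are hypothetical, and leaving the stack trace off unless the property is set is an assumption.

```java
import java.io.PrintWriter;
import java.io.StringWriter;
import java.sql.SQLException;

public class ErrorResponseExample {
    // Hypothetical property name (assumption, not an Ignite setting). Unset means "off".
    static final String SEND_TRACE_PROP = "example.client.sendStackTrace";

    // Hypothetical vendor codes.
    static final int ERR_GENERIC = 1;
    static final int ERR_SQL = 1000;

    /** Wire-level error: vendor code, optional message, optional stack trace. */
    record ErrorResponse(int vendorCode, String message, String stackTrace) {}

    static ErrorResponse toResponse(Throwable err, boolean sendStackTrace) {
        int code = err instanceof SQLException ? ERR_SQL : ERR_GENERIC;
        // The message is sent only when the vendor code is not specific.
        String msg = code == ERR_GENERIC ? err.getMessage() : null;
        String trace = null;
        if (sendStackTrace) {
            // The trace exposes class names, frameworks and line numbers,
            // so it leaves the server only when explicitly enabled.
            StringWriter sw = new StringWriter();
            PrintWriter pw = new PrintWriter(sw);
            err.printStackTrace(pw);
            pw.flush();
            trace = sw.toString();
        }
        return new ErrorResponse(code, msg, trace);
    }

    public static void main(String[] args) {
        // Constructed failure standing in for an error raised while handling a request.
        Throwable err = new IllegalStateException("Failed to parse request",
            new SQLException("Syntax error"));
        // Reads -Dexample.client.sendStackTrace=true; false when the property is absent.
        boolean configured = Boolean.getBoolean(SEND_TRACE_PROP);
        System.out.println("configured: " + toResponse(err, configured));
        System.out.println("debug:      " + toResponse(err, true));
    }
}
```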