https://bz.apache.org/bugzilla/show_bug.cgi?id=65598
Bug ID: 65598
Summary: Security by default with Tomcat error pages
Product: Tomcat 8
Version: 8.5.71
Hardware: PC
OS: Linux
Status: NEW
Severity: normal
Priority: P2
Component: Catalina
Assignee: [email protected]
Reporter: [email protected]
Target Milestone: ----
The default error pages provide a detailed report and server version by
default.
To prevent information disclosure and gathering this default behaviour should
be changed to not to report this information.
This could probably be done by setting
public class ErrorReportValve extends ValveBase {
private boolean showReport = false;
private boolean showServerInfo = false;
}
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]