Dominique Jäggi created SLING-4049:
--------------------------------------
Summary: Errorhandling: Allow Configuration of Displaying
Stacktraces/Request Progress
Key: SLING-4049
URL: https://issues.apache.org/jira/browse/SLING-4049
Project: Sling
Issue Type: Improvement
Components: Servlets
Reporter: Dominique Jäggi
it should be configurable whether during error display (40x, 50x, etc)
stacktraces or the request progress is displayed or not.
for production systems it is undesirable to exhibit information that may allow
an attacker to determine internal information such as used scripts, paths,
classes, line numbers, etc.
ideally this could be centrally configured, affecting both e.g. the JSP
handlers (404.jsp) as well as any other facility outputting error conditions.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
