> Am 02.04.2022 um 10:04 schrieb l...@kreuser.name: > > Joe, > >> Am 02.04.2022 um 00:53 schrieb Joseph Michaud <joseph.mich...@smartbear.com>: >> >> As I understand it, an ErrorReportValve is an application-level filter. An >> HTTP request error (like an unknown URL) that reaches it will be processed. >> With the ErrorReportValve I can modify the information presented in the >> report. However, an *invalid* URL is not assignable to any application. No >> ErrorReportValve would apply to it. >> >> An invalid URL generates a 400 response. In Tomcat 8.5, there was no error >> report included in that response. In Tomcat 9.0, the default error report is >> included. The default error report includes Tomcat version information. Some >> security-conscious customers don't want version information displayed but >> now, with Tomcat 9.0, I cannot remove that information. >> >> I think the answer is 'no', but I'll ask anyway.... Is there a global-level >> ErrorReportValve capability? Or some facility to easily remove the version >> information from an 'invalid URL' error report? (I'm aware of modifying the >> ServerInfo.properties file, but that affects more than just the error >> report...) >> > > this goes in server.xml like this > > <Host name="localhost" appBase="webapps" > unpackWARs="false" autoDeploy="false" deployXML="true"> > > <Valve className="org.apache.catalina.valves.ErrorReportValve" > showReport="false" showServerInfo="false" /> > > </Host> > > you may also add > errorReportValveClass="com.logo.tomcat.valves.CustomErrorReportValve" to the > host attributes. >
to add your own ErrorReportValve I wanted to add :-) > Hope this helps > > Peter > >> Joe >> >> We hope you found this email of interest; however, click here if you wish to >> unsubscribe<http://www2.smartbear.com/SubscriptionCenter.html?utm_source=outlook&utm_medium=email&utm_content=emailsig> >> or manage your email preferences. Privacy >> Policy.<https://smartbear.com/privacy/> >> >> Disclaimer >> >> The information contained in this communication from the sender is >> confidential. It is intended solely for use by the recipient and others >> authorized to receive it. If you are not the recipient, you are hereby >> notified that any disclosure, copying, distribution or taking action in >> relation of the contents of this information is strictly prohibited and may >> be unlawful.
