https://bz.apache.org/bugzilla/show_bug.cgi?id=58238
Bug ID: 58238
Summary: ErrorReportValve - default showReport / showServerInfo
to false
Product: Tomcat 9
Version: unspecified
Hardware: All
OS: All
Status: NEW
Severity: enhancement
Priority: P2
Component: Catalina
Assignee: [email protected]
Reporter: [email protected]
Update org.apache.catalina.valves.ErrorReportValve so that showReport and
showServerInfo default to false
This makes it secure by default and prevents the extra effort by admins to go
in and turn it off.
Other touch points (that I notice)
- server.xml [add as a comment how to re-enable] <Valve
className="org.apache.catalina.valves.ErrorReportValve" showReport="true"
showServerInfo="true"/>
- valve.html - to reflect new defaults
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
