Uploaded image for project: 'Nuxeo Platform'
  1. Nuxeo Platform
  2. NXP-23934

Do not send the whole exception stack trace by default

    XMLWordPrintable

    Details

    • Tags:
    • Story Points:
      2

      Description

      When the REST API (or Automation) throws an Exception, the exception stack trace is sent:

      • if the org.nuxeo.rest.stack.enable=true parameter is present
      • if the caller set the accepted media type to application/json+nxentity

      The second one means that anybody can have the whole stack trace if the accepted media type is correctly set to application/json+nxentity.

      Make sure that the whole stack trace is only sent if the parameter org.nuxeo.rest.stack.enable is set to true.

        Attachments

          Issue Links

          depends on

          Task - A task that needs to be done. NXP-23939 Remove nuxeo-automation-client module

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Open
          is duplicated by

          Bug - A problem which impairs or prevents the functions of the product. NXP-23861 Raising an exception while using REST shows the whole stack trace

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Resolved

            Activity

              People

              • Assignee:
                troger Thomas Roger
                Reporter:
                troger Thomas Roger
                Participants:
              • Votes:
                0 Vote for this issue
                Watchers:
                2 Start watching this issue

                Dates

                • Created:
                  Updated: