Disabling browser based debug messages
16 visualizações
Pular para a primeira mensagem não lida
db...@essex.ac.uk
7 de mar. de 2022, 08:54:5507/03/2022
para vocbench-user
Hi, we recently had a pen test conducted on our instance of VocBench 10.1 and one of the observations is:
Many thanks, Darren (UK Data Archive)
"Vocbench's error pages show highly detailed error trace logs. Attackers can collect information about the system easily and prepare attacks accordingly."
Is there any configurable way we can disable browser based debug messages like the attached?
Many thanks, Darren (UK Data Archive)
Armando Stellato
7 de mar. de 2022, 12:32:1207/03/2022
para db...@essex.ac.uk, vocbench-user
Dear Darren,
Thanks for reporting this. I guess we can put an option for omitting the “details” part from the server responses.
Kind Regards,
Armando
--
You received this message because you are subscribed to the Google Groups "vocbench-user" group.
To unsubscribe from this group and stop receiving emails from it, send an email to
vocbench-use...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/vocbench-user/2f8bc5c7-5cb4-411c-9bc8-f75d269f39den%40googlegroups.com.
Responder a todos
Responder ao autor
Encaminhar
0 nova mensagem