httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Marc Slemko <>
Subject Re: Exposed path in response code 500 messages
Date Wed, 14 Oct 1998 00:58:25 GMT
On Tue, 13 Oct 1998, Manoj Kasichainula wrote:

> What does everybody think of the bug reports complaining about path
> names exposed in code 500 responses? I'm tempted to say that the
> webmasters should fix their error 500 problems, but these messages can
> be spit out because of user CGI scripts, which expose the whole
> server. But, turning off error-notes for error 500 loses one of the
> main advantages of error-notes, and this exposure doesn't really seem
> that serious.

It is NOT acceptable to have them sent out by default.

It is fine (and I think Stronghold can) to have an option that sends stuff
out.  But magically deciding that anything logged to the logfile should be
sent is completely bogus.

View raw message