Hello,
After a security audit we got some “red flags”.
One of them was the following, when there is a java exception, the user gets a popup with the error message and a button “Details”. These details contain a full stack trace. On the bottom of that stacktrace there is a line with the forms session id.
Our application is accessed by a load balancer/reverse proxy , however this message is showing the name of the real server (probably the name of the managed weblogic server?).
This is an example when I start the application and then cut my network access, after the number of retries there is an exception.
This leads me to my 3 questions:
- is it possible to disable that error popup?
- if not is it possible to “disable” the Details button?
- is it possible to not show that session id information or not show the real server name
Thank you,
Tom
PS: we already tried the config parameter: hideClientExceptions but this does not prevent the popup