SiT! Bugs - SiT!
View Issue Details
0001601SiT!securitypublic2011-06-15 17:392011-09-04 20:45
ivan 
ivan 
normalminorhave not tried
closedfixed 
 
3.65 LTS3.65 LTS 
0001601: Errors should strip path from in-page output
When we report errors we often output full paths, this can give away information about the server architecture and it a potential minor security issue. We should strip paths when outputting errors unless debug mode is switched on. especially on non-authenticated pages.
No tags attached.
Issue History
2011-06-15 17:39ivanNew Issue
2011-06-15 17:39ivanStatusnew => assigned
2011-06-15 17:39ivanAssigned To => ivan
2011-08-31 15:27ivanNote Added: 0004275
2011-08-31 15:27ivanStatusassigned => resolved
2011-08-31 15:27ivanFixed in Version => Current SVN
2011-08-31 15:27ivanResolutionopen => fixed
2011-08-31 15:27ivanNote Added: 0004276
2011-08-31 15:28ivanTarget Version => 3.65 LTS
2011-09-04 17:37ivanFixed in VersionCurrent SVN => 3.65 LTS
2011-09-04 20:45ivanNote Added: 0004293
2011-09-04 20:45ivanStatusresolved => closed

Notes
(0004275)
ivan   
2011-08-31 15:27   
Fixed in SVN r7333
(0004276)
ivan   
2011-08-31 15:27   
Also fixed in Git 1efe858

Paths are displayed when debug mode is on.
(0004293)
ivan   
2011-09-04 20:45   
Fix released in v3.65