Files · 70d4994502c848b3db82845c97a033448356c938 · DEMO / spring-boot

Disable exception details on default error views · 70d49945

Scott Frederick authored Apr 14, 2020

Prior to this commit, default error responses included the message
from a handled exception. When the exception was a BindException, the
error responses could also include an errors attribute containing the
details of the binding failure. These details could leak information
about the application.

This commit removes the exception message and binding errors detail
from error responses by default, and introduces a
`server.error.include-details` property that can be used to cause
these details to be included in the response.

Fixes gh-20505

70d49945

Name	Last commit	Last update
.github		Loading commit data...
buildSrc		Loading commit data...
ci		Loading commit data...
eclipse		Loading commit data...
git/hooks		Loading commit data...
gradle/wrapper		Loading commit data...
idea		Loading commit data...
spring-boot-project		Loading commit data...
spring-boot-tests		Loading commit data...
src/checkstyle		Loading commit data...
.editorconfig		Loading commit data...
.gitignore		Loading commit data...
CODE_OF_CONDUCT.adoc		Loading commit data...
CONTRIBUTING.adoc		Loading commit data...
LICENSE.txt		Loading commit data...
README.adoc		Loading commit data...
SUPPORT.adoc		Loading commit data...
build.gradle		Loading commit data...
gradle.properties		Loading commit data...
gradlew		Loading commit data...
gradlew.bat		Loading commit data...
settings.gradle		Loading commit data...

README.adoc