Audit requirement: Error Handling
Standard local install of YouTrack.
Audit has recommended changing default error handling to limit the information displayed on an error page.
Regarding the related findings (default configuration and error handling):
If not possible to use a personalised error messages template, it is recommended to remove the version information from the error messages returned to the user. In order to do this, you can disable the “showServerInfo” and “showReport” variables
Where / is there an equivalent setting in YouTrack ?
Where would I implement this change ?
Please sign in to leave a comment.
Hello,
Which exactly error messages do you mean? As far as I know we do not display version information in the error messages.
The messages cannot be customized, unfortunately. However, you can create your own error messages using our workflow rules (https://www.jetbrains.com/help/youtrack/incloud/Workflow-Tutorial.html)
Hope it helps.