Comment by oldestofsports
12 days ago
You dont expose error details to the user for security reasons, even though it does indeed make the user experience worse.
12 days ago
You dont expose error details to the user for security reasons, even though it does indeed make the user experience worse.
I understand not exposing a full stack trace, but I don't see any excuse to not even expose a googleable error code. If me having an error code makes your product insecure, then you have a much bigger problem.
I show the stack trace on AGPL projects. Why hide what they can already see for themselves?
The reason I see is that it might expose the value of secret keys or other sensitive variables. But if you are certain it won't happen, then yes