Y
Hacker News
new
|
ask
|
show
|
jobs
by
oldestofsports
134 days ago
You dont expose error details to the user for security reasons, even though it does indeed make the user experience worse.
1 comments
falcor84
134 days ago
I understand not exposing a full stack trace, but I don't see any excuse to not even expose a googleable error code. If me having an error code makes your product insecure, then you have a much bigger problem.
link
teaearlgraycold
134 days ago
I show the stack trace on AGPL projects. Why hide what they can already see for themselves?
link
falcor84
134 days ago
The reason I see is that it might expose the value of secret keys or other sensitive variables. But if you are certain it won't happen, then yes
link