Details
-
Feature Request
-
Resolution: Done
-
Major
-
None
-
None
Description
need to harden docker image in a following way
Debug information must be hidden from the requestor and optional -> display an Error page to the requestor
details on howto:
In the tomcat doc https://tomcat.apache.org/tomcat-8.0-doc/config/valve.html#Error_Report_Valve: it is proposed to configure in the server.xml file a errorreportvalve that will not expose any tomcat related information
<Valve className="org.apache.catalina.valves.ErrorReportValve" showReport="false"
showServerInfo="false"
/>