Question

Hiding stack trace info

0

Hi there One of our clients have recently done a pentest on one of their applications. One of the feedback items that came out of the pentest was that the stack trace is showing information that is security sensitive to unpriviledged/anonymous users. I found a plug-in that seems to provide a solution, but I was wondering whether there is an easy more standard way of hiding stack trace information? Plug-in: https://github.com/jenkinsci/suppress-stack-trace-plugin Thanks

asked 2016-12-02

Gustav Coleske

1 answers

Jaap Pulleman · Answer 1 · 2016-12-05

If this is the result of an activity in a microflow you can do the following:

1) Right-click the activity in the microflow.

2) Change error handling from Rollback to Custom with rollback.

3) Add an activity below the activity of step 1.

4) Set type of action of the new activity to Show message and add your own message (this will be shown instead of the stacktrace).

5) Draw a line from the activity of step 1 to the activity of step 3.

6) Right-click the line (created under step 5) and set it to "Set as error handler".

7) Add an end event activity and draw a line from the activity (step 3) to it.

End result should be something like this:

Example