Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Disable Stack/trace methods

Prabhu
Prabhu October 17, 2016

How to configure Jira handle all errors and must not display any debug information or verbose messages thus revealing sensitive parameters?

Answer
Watch
Like Be the first to like this
961 views

1 answer

1 vote
Nic Brough -Adaptavist-
Nic Brough -Adaptavist-
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
October 17, 2016

You don't.  It's designed, like all good systems, to tell you what is going wrong.

View More Comments
Nic Brough -Adaptavist-
Nic Brough -Adaptavist-
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
January 11, 2017

No.  That's a vast oversimplification, and not helpful at all.

You absolutely should upgrade if you want to reduce the problem.  In Atlassian applications (like most others) stack traces only go to users when the application is not coded to catch them properly and present something nicer.  Upgrading will reduce the frequency of that, as more areas catch and handle them.

Also, stack traces that users see don't contain debug information that reveals sensitive information.

 

Like
Steve Bachinsky
Steve Bachinsky November 21, 2019

Proper evaluation of what data constitutes "sensitive information" is complex, and likely to become more so in the future.  Having the stack trace is helpful in a development and testing environment, but not in a production environment where the primary users will only be scared or disappointed.

There are environments where it is necessary to manage all data that is disclosed by an application, and the ability to minimize diagnostic logging data helps with that process.  Please consider adding a configuration knob to disable the logging of stack trace and other data that is not useful in a production environment.

Like Cheryl_Fogle likes this
Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira Software
TAGS
AUG Leaders

Atlassian Community Events

    See all events