- What is a verbose error message?
- What are the risks associated with improper error handling?
- How error messages may indicate or disclose useful information?
What is a verbose error message?
"Using or expressed in more words than are needed"
What are the risks associated with improper error handling?
Improper handling of errors can introduce a variety of security problems for a web site. The most common problem is when detailed internal error messages such as stack traces, database dumps, and error codes are displayed to the user (hacker). These messages reveal implementation details that should never be revealed.
How error messages may indicate or disclose useful information?
Error messages provide valuable information to the developer when something goes wrong, allowing them to fix problems with their application and improve the user experience.