Sign in Register
Copied to clipboard

Flag this post as spam?

This post will be reported to the moderators as potential spam to be looked at


  • Nate 143 posts 184 karma points
    Sep 20, 2010 @ 19:48
    Nate
    0

    ASP.net Vulnerability Package Question

    I ran the new package on my prd and dev sites.  It found this vulnerability

     

    • different error pages for different error codes
      Your website should only contain a single type of error page for all server errors
    Even though my site only redirects to one custom page.  I then allowed it to fix the changes and it changed:
     <customErrors mode="On" defaultRedirect="~/Error.aspx" redirectMode="ResponseRewrite">
    to
     <customErrors mode="On" defaultRedirect="~/umbraco/plugins/poetpatcher/CustomError.aspx" redirectMode="ResponseRewrite">
    Is there a reason why we can't use our own custom error page?
    -Nate
    Copy Link
  • Sascha Wolter 615 posts 1101 karma points
    Sep 21, 2010 @ 12:40
    Sascha Wolter
    0

    Hi Nate,

    I don't see any issue with using your own error page, as long as it is not giving out any information about the specifics of the error.

    Sascha

    Copy Link

  • This forum is in read-only mode while we transition to the new forum.

    You can continue this topic on the new forum by tapping the "Continue discussion" link below.

Please Sign in or register to post replies