You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Description
When triggering an error in the sunstone-server, the user is given a full stack trace with a lot of debug info. This should be disabled by default to prevent information disclosure.
I guess this settings should be based on :env in the sunstone-server.conf. If it's set to prod (by default), it should set the production environment in Sinatra as well. Right now it only takes different CSS/JS files.
Description
When triggering an error in the sunstone-server, the user is given a full stack trace with a lot of debug info. This should be disabled by default to prevent information disclosure.
To Reproduce
Expected behavior
I expected Sinatra to return
Details
Additional context
Add any other context about the problem here.
You can fix this by setting the environment for sunstone-server to production by default. You can do so by:
set :environment, :production
in sunstone-server.rb (preferred, APP_ENV overrides this)Progress Status
The text was updated successfully, but these errors were encountered: