Why the "Powered By Tooltwist" widget is important
The "Powered By ToolTwist" needs to be included on each web page, as part of the ToolTwist licence arrangement. There is however an even more compelling reason for page designers and widget developers to include the widget on a page - exception reporting.
ToolTwist is designed to keep running if a single widget has an exception. For example, a Java exception thrown while handling a banner ad won't stop the rest of the page from being displayed as normally as possible.
The "Powered By" icon provides a method to determine if errors occurred for a page, and to view those exception.
These are errors that occurred at the time the page was being generated. When these errors occur, they effect the page no matter how many times the page is displayed, until such time as the page is generated again without errors.
Generation errors are indicated by a small blue dot to the right of the icon.
These occur at the time a user accesses the page.
Runtime errors are indicated by a small green dot to the right of the icon.
The "powered by" icon is designed to look normal to regular users, and the small dots that indicate errors are not normally noticed. Placing the mouse over the dots gives no indication that they do anything useful, but if you click on them a dialog pops up containing details of the exceptions.
This facility can also be used in the Designer.
Errors that occur while a publicly accessible website is running should not be displayed because they may provide information to hackers seeking a way into the application. A common hacking approach is to probe a website with URLs and data values that provide access to the system, for example by causing unintended SQL or Javascript to be run. Exception messages should not be displayed, because they give the hacker information about the effects of their probing.
For this reason, the "Powered By" widget does not display exception errors if the website is configured with
# Is this server used in production?
isProduction=Y
On a busy website it can be hard to track down the cause of an error using log files if messages are being written from users accessing many pages. To track down an error on a specific page, temporarily change this configuration setting and restart the server. This will allow you to access the page and see it's errors via the "powered by" icon, without the clutter of other log file messages.
Important: Remember to change the configuration back when you finish - you don't want to do anything to assist would-be hackers.
--