Your error page can be better

Error pages. Most people don't really consider error pages when building a website or application. They usually contain some debug information so that when something goes wrong the developer knows what is wrong. But in a lot of cases when an application goes into production, this information is still exposed.

Today the Giro d'Italia is coming through our province (Utrecht). For this, a special website was set up which gives information on the route and all kinds of related topics. I wanted to check on the info, but instead of getting the main site, I got this:
 

[Image posted using Mobypicture.com]

Now, with sites like this you never know what kind of loads you can get. There are solutions for that (cloud computing would apply well here) but that's not what I wanted to talk about. I wanted to talk about what I'm seeing in the above image...

Your average visitor will come to your site expecting information. If something goes wrong (which can always happen), they only need to know that something went wrong, and perhaps they should get a phone number or e-mail address where they can report the error. At the least, the visitor should be informed of the error in the design of the rest of the website, so that they are aware that the error is indeed generated by your website and is not, for instance, a problem on their side.

The thing is, most people won't know what MySQL is, or which database is giving an error here. For all they know, a database could be part of the browser, and MySQL could be some kind of code for the error. It gets worse when applications output full exception stack traces, sometimes including database credentials. Not only do you give the average visitor information they don't need, you also give malicious users a huge amount of information they can use to try and get into your application.

If you are working on a website or an application, you should output all that information in your development environment. But before moving to production, this should be switched to a simpler, more user-friendly error page. Frameworks such as Zend Framework and symfony have special settings for that using different environments, which makes it really easy for a developer to switch between the developer view of an error page and the user-friendly one. Perhaps more systems, including CMSes, should pay more attention to this. But in the end, it is also the responsibility of the developer to keep this in mind. Next time, before you deploy a new version of your application, consider the error page, and think about what it should and should not expose to your average visitor.
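The development/production split described above, sketched as an added example in plain PHP 7 or later; it is not code from the original post and not the mechanism Zend Framework or symfony use. The `APP_ENV` variable, the `renderError()` helper and the contact address are hypothetical names chosen for illustration.

```php
<?php
declare(strict_types=1);

// Assumption: the deployment sets APP_ENV to "dev" or "prod" (hypothetical name).
$env = getenv('APP_ENV') ?: 'prod'; // fail closed: anything unset is treated as production

// Never let PHP itself print errors to visitors in production.
ini_set('display_errors', $env === 'dev' ? '1' : '0');
ini_set('log_errors', '1');

/**
 * Build the response for an uncaught exception.
 * Returns [httpStatus, html]; the full detail goes to the server-side log only.
 */
function renderError(Throwable $e, string $env): array
{
    // Random reference so a visitor's report can be matched to the log entry.
    $ref = bin2hex(random_bytes(6));

    error_log(sprintf(
        '[%s] %s: %s in %s:%d%s%s',
        $ref, get_class($e), $e->getMessage(), $e->getFile(), $e->getLine(),
        PHP_EOL, $e->getTraceAsString()
    ));

    if ($env === 'dev') {
        // Developer view: full detail, escaped so the message cannot inject markup.
        $detail = htmlspecialchars((string) $e, ENT_QUOTES, 'UTF-8');
        return [500, "<h1>Exception</h1><pre>{$detail}</pre>"];
    }

    // Visitor view: no driver names, SQL, file paths or credentials.
    $contact = 'support@example.org'; // placeholder address
    return [500, "<h1>Something went wrong on our side</h1>"
        . "<p>Please try again later, or report reference <code>{$ref}</code> to {$contact}.</p>"];
}

set_exception_handler(function (Throwable $e) use ($env): void {
    [$status, $html] = renderError($e, $env);
    if (!headers_sent()) {
        http_response_code($status);
        header('Content-Type: text/html; charset=utf-8');
    }
    echo $html;
});

// Constructed failure standing in for a database outage.
throw new RuntimeException('SQLSTATE[HY000] [2002] Connection refused (constructed sample)');
```

In a real site the visitor view would be rendered inside the normal page template, so the error visibly belongs to the website.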

Update: It's not just your application that you need to check, as I found out the hard way right after publishing this article, when I ran into some Nginx error 500 pages. I'm going to read up on Nginx configuration soon ;)


© 2004 - 2013 Stefan Koopmanschap + Powered by Symfony, photos powered by Flickr, links powered by Delicious, Shanghai smilies by Iconbuffet. Feeds: rss / atom. Left on the Web v4.4.0.1