0/2014 04:02 PM, Caldarale, Charles R wrote:
>
>> From: August Kleimo [mailto:aug...@kleimo.com]
>>> Subject: "exception-message" header reveals path to document root in 404
>>> response.
>>>
>>
>> I'm failing a PCI compliance scan because m
Thanks, Perhaps it's coming from Railo then. I'll investigate down that
path.
On Fri, Jan 10, 2014 at 3:56 PM, Mark Eggers wrote:
> On 1/10/2014 3:28 PM, August Kleimo wrote:
>
>> I'm failing a PCI compliance scan because my Tomcat Version 7.0.20 server
>
I'm failing a PCI compliance scan because my Tomcat Version 7.0.20 server
is revealing the path to the document web root in an "exception-message"
header when a missing page is requested.
Does anyone know of way to get rid of this header from the response?
Note: I'm running Railo 4.1.2 on top of
