Idea ID: 1796345

SM Web client should display friendly but generic error messages

Status : Waiting for Votes
over 2 years ago

The application error messages of Service Manager are not really user-friendly:

 

What does this tell the user?

      Unrecoverable error in application x.y, z

On the other hand, error messages frequently expose code or queries, which in general is information that should not be shared, as it might provide indications of a vulnerability.

 

The idea is:

Implement a generic error message like "Update failed because of internal server error. Please retry later.".

Just keep validation error messages or similar that give the user concrete information that the issue is with his input.

Detailed application errors should be displayed only to users with the capability "Debug" or "SysAdmin".

 

Reference:

https://www.owasp.org/index.php/Improper_Error_Handling

QCCR1E68924
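
The behaviour proposed above, sketched as an added example that is not part of the original idea or of Service Manager's own code. The generic message text and the capability names come from the post; `ValidationError`, `renderError`, the user object shape and the log sink are hypothetical, and the sample error text is constructed.

```javascript
// Hypothetical names throughout; not Service Manager APIs.
const GENERIC_MESSAGE =
  "Update failed because of internal server error. Please retry later.";
const DETAIL_CAPABILITIES = new Set(["Debug", "SysAdmin"]);

// Raised when the problem is the user's own input; its message is safe to show.
class ValidationError extends Error {}

let seq = 0;
// Reference ID: a lookup key into the server-side log, not a secret.
function nextReference() {
  seq += 1;
  return `ERR-${Date.now().toString(36)}-${seq}`;
}

// Decide what the client may display. Full detail always goes to `log`
// (any sink with push()), so support staff can find it by reference.
function renderError(err, user, log) {
  if (err instanceof ValidationError) {
    return { message: err.message };
  }
  // Thrown values are not always Error objects; normalise before logging.
  const detail = err instanceof Error ? err.message : String(err);
  const reference = nextReference();
  log.push({
    reference,
    user: user.name,
    detail,
    stack: err instanceof Error ? err.stack : undefined,
  });
  const privileged = (user.capabilities || []).some((c) =>
    DETAIL_CAPABILITIES.has(c)
  );
  // Only privileged users see code or query text; everyone gets the reference.
  return { message: privileged ? detail : GENERIC_MESSAGE, reference };
}

// Constructed sample: an internal failure whose text leaks a query.
function demo() {
  const log = [];
  const internal = new Error(
    "Unrecoverable error in application x.y, z: select * from sampletable failed"
  );
  return {
    operator: renderError(internal, { name: "op1", capabilities: ["Operator"] }, log),
    admin: renderError(internal, { name: "adm1", capabilities: ["SysAdmin"] }, log),
    invalid: renderError(new ValidationError("Title is required."), { name: "op1" }, log),
    log,
  };
}
```

The reference returned to the user lets an administrator look up the full error in the log without the client ever receiving the query or stack trace.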