Menu Search Sign up

Java Exception thrown back to browser side with submitted bad requests

When manipulating the session cookie of a web application, by removing its TIMESTAMPID section, I got the Java exception trace stack displayed back to the browser.

This is not serious security issue. But the security best practice usually requires that the web applications return user-friendly error information to end users, and do not return error codes or error messages that reveal sensitive system or application details.