[JAVA] Error Message Information Disclosure
Use simple phrases only if necessary.
Error information or system information should not be printed on the console or browser, but should be logged or printed in simple phrases if necessary
Example of system data information disclosure (removal target code)
System.out.println(e.getMessage());,
Wrong ex)
}catch(NullPointerException e){
System.out.println("Error : "+e);
}
}
Right ex)
}catch(NullPointerException e){
logger.error("ERROR-01 NullPointerException");
OR
System.out.println("ERROR-01 NullPointerException");
}
}
😀
Thank you !!
고마워 !!
Comments
Post a Comment