Open eclipxe13 opened 3 months ago
Hi,
I presume default
is special, because that's the name of the default module in Zend. The error you get only occurs if this name is not all lowercase.
If you don't want stacktraces be visible for anyone, disable this in the configuration.
Wouldn't be appropriate to add a rewrite rule for this to avoid this exception?
If you don't want stacktraces be visible for anyone, disable this in the configuration.
Thanks, this reduce the security risk.
Describe the bug
Accessing route https://my-server/icingaweb2/Default produces an HTTP Status 500 Internal Server Error instead of 404 Not Found as in https://my-server/icingaweb2/NonExistentRoute.
The error message contains:
Undefined array key "Default"
and also contains the following trace that shows information about local set up (considered a security risk):To Reproduce
/Default
, if the url ishttps://my-server/icingaweb2/
then accesshttps://my-server/icingaweb2/Default
. No need to login.Expected behavior
Your Environment
icinga2 --version
): r2.14.2-1php --version
): 8.3.10 (FPM)Additional context
Icinga2 and IcingaWeb2 are installed using Icinga packages. These is also present using Debian (outdated) packages.