IndustrialDragonfly / DEdC

Collaborative DFD Editor
MIT License

Do not report information in response to guessed IDs #104

Open eugene-davis opened 10 years ago

eugene-davis commented 10 years ago

If an ID doesn't have the right privileges, it should not return information about things like the element type; this is potentially information leakage to an attacker.

eugene-davis commented 10 years ago

Some exceptions already are breaking this rule, and should be fixed when found.

eugene-davis commented 10 years ago

We may wish to provide error codes which map to more detailed errors, and have a debug setting which will output those errors.
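
The behaviour requested in this issue, as an added example that is not DEdC's own code: a lookup that answers a missing ID and an unprivileged ID with the same body, and keeps the distinguishing error code server-side unless a debug setting is on. The store layout, the ownership check, the `E1001`/`E1002` codes and the `get_element` name are assumptions made for illustration.

```python
import logging

log = logging.getLogger("dedc.example")

# Constructed sample store (element id -> record); not DEdC's schema.
ELEMENTS = {
    "a1f3": {"type": "Process", "owner": "alice"},
    "b7c9": {"type": "DataStore", "owner": "bob"},
}

# Hypothetical error codes mapping to detailed errors, kept server-side.
ERROR_DETAILS = {
    "E1001": "element id does not exist",
    "E1002": "requester lacks read privilege on element",
}
GENERIC = {"status": 404, "error": "not found"}


def _deny(code, element_id, user, debug):
    # The real reason always goes to the server log, where only operators see it.
    log.warning("%s id=%r user=%r: %s", code, element_id, user, ERROR_DETAILS[code])
    body = dict(GENERIC)
    if debug:
        # Debug setting: expose the code and detail to help development.
        body["code"] = code
        body["detail"] = ERROR_DETAILS[code]
    return body


def get_element(element_id, user, debug=False):
    element = ELEMENTS.get(element_id)
    if element is None:
        return _deny("E1001", element_id, user, debug)
    if element["owner"] != user:
        # Same body as a missing id: no type, no owner, no hint that it exists.
        return _deny("E1002", element_id, user, debug)
    return {"status": 200, "id": element_id, "type": element["type"]}


if __name__ == "__main__":
    print(get_element("a1f3", "alice"))        # owner: full record
    print(get_element("b7c9", "alice"))        # exists, not alice's
    print(get_element("zzzz", "alice"))        # guessed id
    print(get_element("b7c9", "alice", True))  # debug view
```

With debug off, the second and third calls return identical bodies, so a guessed ID cannot be used to confirm that an element exists or to learn its type.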