Ensure any 500 response codes do not leak sensitive information

[dberesford]

Security best practice

[davidmarkclements]

if using mu this is now covered with mu.error (service errors default to 500, mu.error wraps boom, and boom strips 500+ messages)

we'll need to figure out an approach for non-mu usage (i.e. restify)