Section
7.1.1
Top Level
Sub Level
General
All errors should be caught and handled on the server by the Web application. Uncaught exceptions that are allowed to propagate to the application server may not be properly handled and, along with other problems, may leak information to the client. The application should check all exceptions and error codes from service calls and handle them appropriately.
Coldfusion
- System level site-wide error handling template should be executed for all unhandled exceptions. This is set in the CF Administrator settings.
- System level missing template handler should be executed for missing CF pages (404 errors). This is set in the CF Administrator settings.
- Application level error handling should be handled either via an
onErrormethod in theapplication.cfcto handle uncaught application exceptions or with the<cferror>tag to handle specific exceptions. - Page level error handling to catch particular exceptions should be employed using the
<cftry>,<cfcatch>, and<cfthrow>tags.
Django
By default, Django uses the django.views.defaults.server_error view to handle any uncaught exceptions. The view used can be changed by setting the handler500 variable in your project's URLconf.
Natural Webagent
Handle broker errors and server errors explicitly instead of relying on the implicit, default WebAgent error handling.
PHP
Disable display_errors in production. Instead, on production servers write error output to a log file.