the user should get a friendly "Sorry" screen, with
instructions to try again, and a way to notify the webmaster
in reply to Re: Does fatalsToBrowser give too much information to a cracker?
in thread Does fatalsToBrowser give too much information to a cracker?
I think it depends on the application. If you are offering
a free service, you can probably get away with this. If you
are offering a service where you have customers that are paying
for the usage of your page, you'll need to have more than
Otherwise, you'll end up with a support department always
trying to figgure out what to tell a customer whenever they
write in and ask what went wrong.
In my experience, the best system is short descriptive
error messages. These give clueful users enough info that they
don't need to request support. It also gives your support
department enough info to go on that they don't have to
spend so much time helping the less-cluefull users (or
bugging the programmers).
Your results may vary.