Skip to main content

Notifications

Announcements

No record found.

News and Announcements icon
Dynamics 365 Community / Forums / Microsoft Dynamics CRM (Archived) / How to disable error m...
Microsoft Dynamics CRM (Archived)

How to disable error messages

(0) ShareShare
ReportReport
Posted on by tpeschat 4,926

Hi,

our CRM has been pen tested and one issue identified as a gap was "information disclosure".

The testers claimed, that the error messages returned to a user, e.g. if a user is missing privileges, contains to much information, like the stack trace a.s.o.

They said we should deactivate these kind of error messages.

Unfortunately I did not find any documentation, how to do that?

My idea would be to disable these kind of error messages, so that they are not displayed to the users and instead turn on tracing on server side on at least error level, where we then would have to look for such errors, if users are having issues.

Of course I would setup some maintenance plans to zip/archive/delete these logs in regular intervals.

Any feedback about that issue would be highly appreciated ;)

thx Thomas

btw: we are on 8.2.3 on prem

*This post is locked for comments

  • necsa Profile Picture
    necsa 3,455 on at
    RE: How to disable error messages

    Hi Thomas,

    please, can you add a screenshot from error?

  • necsa Profile Picture
    necsa 3,455 on at
    RE: How to disable error messages

    Hi Thomas,

    Is it Script error notification from system or because of dependet some javascript code?

  • tpeschat Profile Picture
    tpeschat 4,926 on at
    RE: How to disable error messages

    Hi,

    there are no issues, which are causing any errors and I am also not talking about any JS errors.

    You can reproduce these kind of errors, e.g. if you send out a link and somebody who doesn't have rights (ownership/team/sharing) tries to open it, ... you can always have such cases and that is what they are claiming about ...

    br T

  • Suggested answer
    _Lars_ Profile Picture
    _Lars_ 225 on at
    RE: How to disable error messages

    I'm not sure if that's possible. The better solution would be to fix what's causing these errors. In my experience Dynamics does not come with these kinds of errors, so I'm guessing this is your own logic. It might be JavaScript from a WebResource, it might be a plugin. Have a look at it and do more error handling in your code. If you query an object or handle a entity property you will need to check if it's initialized before using its functionality for instance.

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

Quick Links

December Spotlight Star - Muhammad Affan

Congratulations to a top community star!

Top 10 leaders for November!

Congratulations to our November super stars!

Tips for Writing Effective Suggested Answers

Best practices for providing successful forum answers ✍️

Leaderboard

#1
André Arnaud de Calavon Profile Picture

André Arnaud de Cal... 291,280 Super User 2024 Season 2

#2
Martin Dráb Profile Picture

Martin Dráb 230,214 Most Valuable Professional

#3
nmaenpaa Profile Picture

nmaenpaa 101,156

Leaderboard

Featured topics

Product updates

Dynamics 365 release plans