Make Option to Strip Location from Errors sent to Clients

[lamgea]

Full error-messages, including the code-location are sent to the client.

• [ ] Provide option to strip non-essential information before sending the error to the client.

edit @da2ce7

---

Whenever a failure reason is sent, there will be a Location value attached which might reveal some of the internal functionality. It may be a unwanted behavior and potentially dangerous.

[da2ce7]

@lamgea Thank You for your comment and concern. – In general I believe we think that this information is not so sensitive. (edit: of course, we could be shown to be wrong).

I believe for administrators, and developers, that this information provides a grater benefit than risk: Since we are an open source AGPL project, so the source code should be shared in-any-case with the end users.

I will keep this issue open, as it is possible that we could create an override that strips the extra info from error messages to comfort the extra careful administrators.

[lamgea]

Thank for your reply, and it does makes sense. Tracker maintainers can really benefit from this kind of messages if anything really goes wrong. But it will also be nice if we have a option to turn it off.