Copied to clipboard

Flag this post as spam?

This post will be reported to the moderators as potential spam to be looked at

  • lori ryan 239 posts 573 karma points
    Feb 02, 2021 @ 17:38
    lori ryan

    Umbraco forms Qualys scan - formId, Theme verbose errors

    Umbraco forms The qualys security scan is appending items to the formId and theme on the umbraco forms causing verbose errors.

    Although I have a custom 500 page there its able to get through to the YSOD.

    Is there any way to 1) Stop the formId and Theme from being editable (Ive tried editing the render and making them disabled but that stops the form working)

    2) Clean these fields on submit

    My 500 page is set up as follows

    <customErrors mode="Off" redirectMode="ResponseRewrite" defaultRedirect="~/500.aspx">
        <error statusCode="400" redirect="~/400.aspx"/>
        <error statusCode="404" redirect="~/404.aspx"/>
        <error statusCode="500" redirect="~/500.aspx"/>

              <httpErrors errorMode="Custom" existingResponse="Replace" > 
                  <remove statusCode="404" subStatusCode="-1" />
                     <remove statusCode="500" subStatusCode="-1" />
                    <error statusCode="404" path="404.html" responseMode="ExecuteURL"/>
                    <error statusCode="500" path="500.html" responseMode="File"/>

      <location path="media">
                <httpErrors errorMode="Custom" existingResponse="Replace">
                    <remove statusCode="404"/>
                    <error statusCode="404" path="404.html" responseMode="File"/>
  • lori ryan 239 posts 573 karma points
    Jun 24, 2021 @ 11:31
    lori ryan

    guys just wondeirng if anyone else came across this

Please Sign in or register to post replies

Write your reply to: