When InputStream cannot be opened while writing static resource response, display 404 instead of 500 (#10920)
A security audit revealed that it is possible to trigger an error 500 with
stack trace by just trying a directory traversal. An example of this can be
found in the sampler: http://demo.vaadin.com/sampler/VAADIN/widgetsets/
While there are other scenarios that can produce exceptions, in this place
Vaadin can handle it more graceful by just catching the exception and
returning 404.
projects / vaadin-framework.git / commit