web.config settings to secure InForm .NET projects

To prevent sensitive information from being released, customErrors in the web.config file must be turned off. This ensures that the stack trace of an error is not shown publicly.

<customErrors mode="On" />

The setting is RemoteOnly by default. If you customize web.config files, verify that the value is set to On or RemoteOnly before deploying it to production.

You can find the web.config file in <InForm_install_directory>/bin/aspmvc project.

• Access to Oracle Support
• Accessibility
• Legal Notices

Copyright © 2019, 2021 Oracle and/or its affiliates. All rights reserved.