SID-HARD-01 — Error Message Sanitization
| Property | Value |
|---|---|
| Owner | platform |
| Category | technical |
| CSF Function | protect |
| Group | System Hardening Controls |
Description
ErrorCode.UserFacingMessage() maps internal error codes to generic user-facing messages. Internal errors are never exposed to WebSocket/HTTP clients. err.Error() output has been removed from HTTP response bodies.
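The pattern this control describes, as an added Go example that is not the project's own code. Only the method name UserFacingMessage comes from the description above; the code values, the codedError type, the writeError helper and the sample error are assumptions made for illustration.

```go
package main

import (
	"errors"
	"fmt"
	"log"
	"net/http"
	"net/http/httptest"
)

// ErrorCode values are hypothetical; the page names only the method below.
type ErrorCode int

const (
	ErrInternal ErrorCode = iota
	ErrInvalidRequest
)

// UserFacingMessage returns a fixed string; unknown codes get the most generic one.
func (c ErrorCode) UserFacingMessage() string {
	if c == ErrInvalidRequest {
		return "The request could not be processed."
	}
	return "An internal error occurred."
}

// codedError (hypothetical) pairs a code with the internal cause.
type codedError struct {
	Code  ErrorCode
	Cause error
}

func (e *codedError) Error() string { return fmt.Sprintf("code %d: %v", e.Code, e.Cause) }

// writeError replaces http.Error(w, err.Error(), status): detail goes to the log only.
func writeError(w http.ResponseWriter, status int, err error) {
	code := ErrInternal // errors that carry no code are treated as internal
	var ce *codedError
	if errors.As(err, &ce) {
		code = ce.Code
	}
	log.Printf("request failed: %v", err) // full detail stays server-side
	http.Error(w, code.UserFacingMessage(), status)
}

func main() {
	rec := httptest.NewRecorder()
	cause := errors.New("open /etc/app/db.conf: permission denied") // constructed sample
	writeError(rec, http.StatusInternalServerError, &codedError{ErrInternal, cause})
	fmt.Print(rec.Body.String())
}
```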
Components
Source References
Framework Requirements
EUDI Security Requirements: WUP-8.2.3-Fun-02, WUH-8.3.2-Sec-02, WIN-8.4.1-Sec-03, WIN-8.4.4-01
ISO 27001 Annex A: A.8.12, A.8.28
OWASP ASVS 4.0.3 Level 3: V7.4, V14.3
STRIDE Threat Model: SP-E-1