Lets assume the ArcGIS API for JavaScript code from here:
// ...
async function execute(): Promise<void> {
// ...
try {
await jobInfo.waitForJobCompletion({
statusCallback: checkJobStatus,
});
const result: ParameterValue = await jobInfo.fetchResultData("output_file");
console.log(result.value.toJSON().url)
}
catch(error) {
(<JobInfo>error).messages.forEach((message: GPMessage) => {
console.log(message.toJSON())
})
}
}
// ...
In case of an error, I get following messages in the console:
How can I stop ArcGIS Enterprise from exposing internal server information?
Of course, I just can stop logging it to the console 😉 but I want to limit anyone from getting access to information about the server's file structure. I'm interested to let users see the error itself though. For example: "ERROR 000523: Unknown coordinate system for output dataset".
I am looking for a way to not expose a stack trace and/or limit what the information ArcGIS Server is providing to any client (not specific to ArcGIS API for JavaScript but also Postman, ArcGIS for Python and so on) using the server's REST endpoint.
The only solution I can think of is: I could add a layer of abstraction by implementing a proxy web application which will then just forward the error itself to the client (in addition to not having the geoprocessing service published to the public). However, I would like to avoid introducing an additional server component if possible. I am sure there is a configuration for ArcGIS Enterprise I missed… Hence my question.
Best Answer
You'll want to change the Geoprocessing Service log message away from ERROR or INFO to just WARNING or NONE. This way you the service will never return these messages, no matter what client uses them or if a user peeks under the hood.
See the Show Messages setting.