Another location where your site is prone to leak sensitive information
is error messages. Make sure error messages are sanitized so they don't
reveal details about the data store, the paths of template files, or stack
traces. It is important to have a generic HTTP 500 error page, and keep
detailed reporting in server-side logs or reporting systems.
