Improper Error handling messages reveal implementation details that should never be revealed. Such details can provide hackers important clues on potential flaws in the site and such messages are also disturbing to normal users.
Some of the details are like Tomcat Version, CSRF tokens etc. The Error page is also not user friendly.
In scenarios of most common error like 401, 403, 404 Release Automation displays the default page of application (as per product design). In some end-user scenario there is a need to have more user-friendly pages abstracting information which are rendered on browser in default behavior. For example the 403 Access Denied error page message will be something like below.
HTTP Status 403 - Invalid CSRF Token 'CSRF_TOKEN_ID' was found on the request parameter '_csrf' or header ...
The default error pages doesn't suffice to all end-users need and in some cases end-user wish to show custom error message, tend to be non-technical and user friendly.