Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

(CodeQL) Fixed finding: "Prevent information leak of stack trace details to HTTP responses" #6

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

(CodeQL) Fixed finding: "Prevent information leak of stack trace details to HTTP responses" #6

wants to merge 1 commit into from

Conversation

pixeebot-test[bot]
Copy link

@pixeebot-test pixeebot-test bot commented Jul 29, 2024

Remediation

This change fixes "Prevent information leak of stack trace details to HTTP responses" (id = stack-trace-exposure) identified by CodeQL.

Details

This change prevents stack trace information from reaching the HTTP response, which could leak code internals to an attacker and aid in further profiling and attacks.

Have you ever seen an error page and thought, "Wow, I certainly shouldn't be seeing all these code details?" That's this problem.

Switching to a safe signature that doesn't leak anything is easy and the changes look something like this:

  try {
    httpResponse.write(output);
  } catch (Exception e) {
-   response.sendError(401, e.getMessage());
+   response.sendError(401);
  }
More reading

🧚🤖 Powered by Pixeebot

Feedback | Community | Docs | Codemod ID: codeql:java/stack-trace-exposure

@pixeebot-test pixeebot-test bot mentioned this pull request Jul 29, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants