Skip to content

(CodeQL) Fixed finding: "Prevent information leak of stack trace details to HTTP responses" #6

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
pixeebot-test wants to merge 1 commit into
base: main
Choose a base branch
from
Open

(CodeQL) Fixed finding: "Prevent information leak of stack trace details to HTTP responses" #6

pixeebot-test wants to merge 1 commit into from

Conversation

@pixeebot-test
Copy link

@pixeebot-test pixeebot-test bot commented Jul 29, 2024

Remediation

This change fixes "Prevent information leak of stack trace details to HTTP responses" (id = stack-trace-exposure) identified by CodeQL.

Details

This change prevents stack trace information from reaching the HTTP response, which could leak code internals to an attacker and aid in further profiling and attacks.

Have you ever seen an error page and thought, "Wow, I certainly shouldn't be seeing all these code details?" That's this problem.

Switching to a safe signature that doesn't leak anything is easy and the changes look something like this:

  try {
    httpResponse.write(output);
  } catch (Exception e) {
-   response.sendError(401, e.getMessage());
+   response.sendError(401);
  }
More reading

🧚🤖 Powered by Pixeebot

Feedback | Community | Docs | Codemod ID: codeql:java/stack-trace-exposure

@pixeebot-test pixeebot-test bot mentioned this pull request Jul 29, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant