• Home
• io.codemodder
• core-codemods
• 0.96.0
• source code
• report.json

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

io.codemodder.codemods.StackTraceExposureCodemod.report.json Maven / Gradle / Ivy

{
  "summary" : "Prevent information leak of stack trace details to HTTP responses (CodeQL)",
  "change": "Removed the argument which would end up exposed in the HTTP response and leak implementation details of our application to the user",
  "reviewGuidanceJustification" : "This codemod prevents internal coding details from reaching the HTTP response body, and we believe that fixing it presents zero risk.",
  "references" : [
    "https://codeql.github.com/codeql-query-help/java/java-error-message-exposure/",
    "https://cwe.mitre.org/data/definitions/209.html",
    "https://cwe.mitre.org/data/definitions/497.html"
  ]
}