Generalize or remove stack trace information found in error message exception handling #29570

douglaspalmer · 2024-05-15T15:40:40Z

Description

A stack trace in an error page is a security risk as it reveals details of the system to an attacker.

Discussion

No response

Motivation

Security hardening.

Details

POST localhost:8080/admin/realms/master/clients-initial-access

with payload

{ "id": "test", "expiration" : 86400, "count": 1 }

and run this API , provided we do. not have client name as "test" on master realm The output will be
{ "error": "Unrecognized field "id" (class org.keycloak.representations.idm.ClientInitialAccessCreatePresentation), not marked as ignorable (2 known properties: "expiration", "count"])\n at [Source: REDACTED (StreamReadFeature.INCLUDE_SOURCE_IN_LOCATION disabled); line: 2, column: 12] (through reference chain: org.keycloak.representations.idm.ClientInitialAccessCreatePresentation["id"])", "error_description": "For more on this error consult the server log at the debug level." }

The text was updated successfully, but these errors were encountered:

douglaspalmer added kind/enhancement Categorizes a PR related to an enhancement status/triage labels May 15, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Generalize or remove stack trace information found in error message exception handling #29570

Generalize or remove stack trace information found in error message exception handling #29570

douglaspalmer commented May 15, 2024

Generalize or remove stack trace information found in error message exception handling #29570

Generalize or remove stack trace information found in error message exception handling #29570

Comments

douglaspalmer commented May 15, 2024

Description

Discussion

Motivation

Details