There are several calls to throwable.printStackTrace throughout the rest-api project. These have been flagged as insecure and need to be removed.
Fixes #96.
Throwable.printStackTrace(...) prints a Throwable and its stack trace to System.Err (by default) which is not easily parseable and can expose sensitive information.
Solution
Use a logger to get the same message to the user.
how you tested the change
Forced one of these conditions and verified the logger logged the message.
Where the following done:
[ ] Tests. Check all that apply:
[ ] Unit tests created or modified that run during ant test.
[ ] Integration tests created or modified that run during integration testing
(Formerly called regression tests.)
[ ] Test procedure descriptions for manual testing
[ ] Was relevant documentation updated?
[ ] Were relevant config element (e.g. XML data) updated as appropriate
If you aren't sure leave unchecked and we will help guide you to want needs changing where.
Problem Description
There are several calls to throwable.printStackTrace throughout the rest-api project. These have been flagged as insecure and need to be removed. Fixes #96. Throwable.printStackTrace(...) prints a Throwable and its stack trace to System.Err (by default) which is not easily parseable and can expose sensitive information.
Solution
Use a logger to get the same message to the user.
how you tested the change
Forced one of these conditions and verified the logger logged the message.
Where the following done:
If you aren't sure leave unchecked and we will help guide you to want needs changing where.