codeql/ruby/ql/test/query-tests/security/cwe-209/StackTraceExposure.rb

# Test fixture for the stack-trace-exposure query (CWE-209: error output that
# reveals sensitive information). Every action below is intentionally
# vulnerable: it sends a Ruby backtrace to the HTTP client, which discloses
# server-side file paths, method names and line numbers.
# The end-of-line markers (Alert, Source) look like inline test expectations,
# so each one must stay on the line it annotates and the code must not be
# "fixed" here.
# Outside a fixture, the backtrace would be logged server-side and the
# response body would carry only a generic error message.
class FooController < ApplicationController
# Case 1: bare `rescue` whose exception backtrace is rendered directly as the
# response body.
def show
something_that_might_fail()
rescue => e
render body: e.backtrace, content_type: "text/plain" # $ Alert
end
# Case 2: no exception involved; the current call stack from Kernel#caller is
# stored in a local first, so the source and the sink sit on separate lines.
def show2
bt = caller() # $ Source
render body: bt, content_type: "text/plain" # $ Alert
end
# Case 3: same sink as case 1, but the rescue clause names an explicit
# exception class.
def show3
not_a_method()
rescue NoMethodError => e
render body: e.backtrace, content_type: "text/plain" # $ Alert
end
end