rspec/rules/S4507/java/rule.adoc

include::../description.adoc[]

include::../ask-yourself.adoc[]

include::../recommended.adoc[]

== Sensitive Code Example

``++Throwable.printStackTrace(...)++`` prints a Throwable and its stack trace to ``++System.Err++`` (by default) which is not easily parseable and can expose sensitive information:

----
try {
  /* ... */
} catch(Exception e) {
  e.printStackTrace();        // Sensitive 
}
----

https://docs.spring.io/spring-security/site/docs/current/api/org/springframework/security/config/annotation/web/configuration/EnableWebSecurity.html[EnableWebSecurity] annotation for SpringFramework with ``++debug++`` to ``++true++`` enable debugging support:

----
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;

@Configuration
@EnableWebSecurity(debug = true) // Sensitive 
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
  // ...
}
----

== Compliant Solution

Loggers should be used (instead of  ``++printStackTrace++``) to print throwables:

----
try {
  /* ... */
} catch(Exception e) {
  LOGGER.log("context", e); // Compliant
}
----

https://docs.spring.io/spring-security/site/docs/current/api/org/springframework/security/config/annotation/web/configuration/EnableWebSecurity.html[EnableWebSecurity] annotation for SpringFramework with ``++debug++`` to ``++false++`` disable debugging support:

----
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;

@Configuration
@EnableWebSecurity(debug = false) // Compliant
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
  // ...
}
----

include::../see.adoc[]

ifdef::env-github,rspecator-view[]

'''
== Implementation Specification
(visible only on this page)

include::../message.adoc[]

include::highlighting.adoc[]

'''
== Comments And Links
(visible only on this page)

include::../comments-and-links.adoc[]
endif::env-github,rspecator-view[]