Github user ottobackwards commented on a diff in the pull request:
https://github.com/apache/metron/pull/779#discussion_r142478606
--- Diff:
metron-interface/metron-rest/src/main/java/org/apache/metron/rest/controller/RestExceptionHandler.java
---
@@ -35,7 +36,7 @@
@ResponseBody
ResponseEntity<?> handleControllerException(HttpServletRequest request,
Throwable ex) {
HttpStatus status = getStatus(request);
- return new ResponseEntity<>(new RestError(status.value(),
ex.getMessage(), getFullMessage(ex)), status);
+ return new ResponseEntity<>(new RestError(status.value(),
ex.getMessage(), ExceptionUtils.getStackTrace(ex)), status);
--- End diff --
https://www.owasp.org/index.php/Error_Handling#Vulnerable_Patterns_for_Error_Handling
---
