OWASP Periodic Table of Vulnerabilities - Information Leakage
Revision as of 10:58, 22 July 2013 by James Landis
Root Cause Summary
The application discloses sensitive/classified data or useful data about the application that can be used for targeted attacks, even though the developer did not intend to disclose the data.
Browser / Standards Solution
- Alert, block, or automatically sanitize classified data in responses.
- Configure the platform to return generic error codes by default and log locally.
- Disable stack traces in production; show a generic error page instead.
Generic Framework Solution
- Provide common error-handling framework and APIs which take two error messages as parameters: one to be displayed to the user and one to be written to logs.
- Provide configurable content expiration/caching interface; default to no-cache, no-store.
- Provide common methods to mask data in responses based on configurable rules for varying levels of data classification.
- Block classified information from being sent as URL parameters or logged as part of a GET request.
- Block file paths from being displayed by default.
Custom Framework Solution
Custom Code Solution
- Don't leak information via error parity mismatches. For example, a login form should return the same error message regardless of whether the username or password is incorrect, in order to prevent account enumeration.
- Only send back data in the response to the client that is needed.
Discussion / Controversy