CodeQL library for Ruby
codeql/ruby-all 0.8.15-dev (changelog, source)

Module StackTraceExposure

Provides default sources, sinks and sanitizers for detecting stack trace exposure vulnerabilities, as well as extension points for adding your own.

Import path

import codeql.ruby.security.StackTraceExposureCustomizations

Classes

BacktraceCall

A call to backtrace or backtrace_locations on a rescue variable, considered as a flow source.

KernelCallerCall

A call to Kernel#caller, considered as a flow source.

Sanitizer

A data flow sanitizer for stack trace exposure vulnerabilities.

ServerHttpResponseBodyAsSink

The body of an HTTP response that will be returned from a server, considered as a flow sink.

Sink

A data flow sink for stack trace exposure vulnerabilities.

Source

A data flow source for stack trace exposure vulnerabilities.
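
The flow these classes describe, from a backtrace call on a rescue variable or a Kernel#caller call into an HTTP response body, shown next to a hardened handler. This is an added example, not code from the CodeQL library; the Rack-style `[status, headers, body]` return value and the names `risky_operation`, `unsafe_app` and `safe_app` are assumptions made for illustration.

```ruby
require "securerandom"

# Constructed failing operation, standing in for real application logic.
def risky_operation
  raise ArgumentError, "constructed failure"
end

# Unsafe: e.backtrace (called on the rescue variable) and Kernel#caller are
# both interpolated into the string returned as the response body.
def unsafe_app(_env)
  risky_operation
  [200, { "content-type" => "text/plain" }, ["ok"]]
rescue StandardError => e
  body = "#{e.message}\n#{e.backtrace.join("\n")}\n#{caller.join("\n")}"
  [500, { "content-type" => "text/plain" }, [body]]
end

# Hardened: the trace is written to a server-side log (any object that
# responds to <<) under a random incident id. The response body carries only
# that id, so no backtrace data reaches the client.
def safe_app(_env, log)
  risky_operation
  [200, { "content-type" => "text/plain" }, ["ok"]]
rescue StandardError => e
  incident = SecureRandom.hex(8)
  log << "incident=#{incident} #{e.class}: #{e.message}\n#{e.backtrace.join("\n")}"
  [500, { "content-type" => "text/plain" }, ["Internal error (ref #{incident})"]]
end

if __FILE__ == $PROGRAM_NAME
  log = []
  puts unsafe_app({}).last.first   # body exposes file paths and method names
  puts safe_app({}, log).last.first # body exposes only the incident reference
end
```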