Technical information leak - Content response

Need

To prevent unauthorized disclosure of technical details which could be exploited for crafting new attack vectors.

Context

• Usage of Elixir (1.12.0 and above) for building scalable and fault-tolerant applications

• Usage of Plug package for handling requests and responses

Description

1. Non-compliant code

defmodule MyAppWeb.MyController do
  use MyAppWeb, :controller

  def index(conn, _params) do
    # Insecure: advertises the exact Plug version to every client
    conn
    |> put_resp_header("server", "Plug/1.12.0")
    |> send_resp(200, "Hello, world!")
  end
end

In the non-compliant code, the server includes a 'server' response header that reveals the version of the Plug package in use. An attacker can use this information to look up vulnerabilities affecting that specific version and target them.

2. Steps

• Remove the code that adds the 'server' header with the version information.

• Review the application to ensure it doesn't disclose any other technical details in its responses.

3. Secure code example

defmodule MyAppWeb.MyController do
  use MyAppWeb, :controller

  def index(conn, _params) do
    send_resp(conn, 200, "Hello, world!")
  end
end

In the secure code, the server doesn't include any headers that reveal technical details about its configuration. This makes it harder for an attacker to find and exploit vulnerabilities.
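Removing the header from one controller action addresses a single leak; the second step asks for the whole application to be reviewed. The following plug, an added example that is not part of the original page, enforces that review centrally: it registers a before_send callback that deletes version-revealing headers no matter which controller or downstream plug set them. The module name, the header list and the test are assumptions for illustration.

```elixir
defmodule MyAppWeb.Plugs.StripTechnicalHeaders do
  @moduledoc """
  Deletes response headers that disclose server software or framework
  versions. Runs as a before_send callback, so it applies to every response
  sent through the pipeline, regardless of what a controller set.
  """
  @behaviour Plug
  import Plug.Conn

  # Assumed default list of headers that commonly leak implementation details.
  @leaky_headers ["server", "x-powered-by", "x-runtime", "x-aspnet-version"]

  @impl true
  def init(opts), do: Keyword.get(opts, :headers, @leaky_headers)

  @impl true
  def call(conn, headers) do
    # Callbacks registered here run inside send_resp/3, after the controller
    # has finished but before the body reaches the adapter.
    register_before_send(conn, fn conn ->
      Enum.reduce(headers, conn, fn header, acc -> delete_resp_header(acc, header) end)
    end)
  end
end

# In lib/my_app_web/endpoint.ex, ahead of `plug MyAppWeb.Router`:
#   plug MyAppWeb.Plugs.StripTechnicalHeaders

defmodule MyAppWeb.Plugs.StripTechnicalHeadersTest do
  use ExUnit.Case, async: true
  import Plug.Test
  import Plug.Conn

  alias MyAppWeb.Plugs.StripTechnicalHeaders

  test "a server header set later in the pipeline is dropped before sending" do
    conn =
      conn(:get, "/")
      |> StripTechnicalHeaders.call(StripTechnicalHeaders.init([]))
      # Simulates the non-compliant controller setting the header afterwards
      |> put_resp_header("server", "Plug/1.12.0")
      |> send_resp(200, "Hello, world!")

    assert conn.status == 200
    assert get_resp_header(conn, "server") == []
  end
end
```

Headers added by the underlying HTTP server adapter after Plug hands over the response are outside this plug's reach and must be configured at the adapter level.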