Information Leakage from an Error Message
Tried to fix the information leakage through Lua Transformation as per IBM Support. However, it failed am I missing any pre-requisites?
Error - "JSPG0036E: Failed to find resource {URL} trying to hit"
Lua script applied -
local function transform_response(url, content)
if url == "{URL}" then
-- Replace entire response body with "Unauthorized Access""
return "Unauthorized Access""
end
return content
end
-- Simulate request handling
local url_requested = "{URL}"
local original_response = "JSPG0036E: Failed to find resource {URL} trying to hit"
-- Perform transformation
local new_response_body = transform_response(url_requested, original_response)
print("Transformed response body:", new_response_body)
Soultion i am looking for -
While hitting the {URL} instead of the error message leaking the information I need it as "Unauthorized Access"