Sensitive Information Stored in Logs - Elixir

Need

Prevent unauthorized access to sensitive data

Context

  • Usage of Elixir (version 1.11 and above) for building scalable and fault-tolerant applications
  • Usage of Plug library for request handling

Description

Non-compliant code

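        # Assumes the enclosing module has `import Plug.Conn`
        def handle_request(request) do
          {:ok, body, conn} = read_body(request.conn)
          # Vulnerable: writes the raw request body, credentials included, to the log output
          IO.inspect(body)

          case Router.dispatch(request) do
            {:ok, response} -> send_resp(conn, 200, response)
            _ -> send_resp(conn, 404, "Not found")
          end
        end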

This function handles all incoming requests. It first reads the body of the request and then logs it using IO.inspect. This is problematic because the body of the request can contain sensitive user information like usernames, passwords, and other personal data. Logging this data in plain text can expose it to unauthorized users who might have access to the log files.

Steps

  • Stop logging the entire request body.
  • If necessary, only log non-sensitive parts of the request.

Compliant code

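        # Assumes the enclosing module has `import Plug.Conn`
        def handle_request(request) do
          {:ok, body, conn} = read_body(request.conn)
          # read_body/1 returns the raw binary; decode it (assumed form-encoded here)
          # into a map with string keys so the password field can be dropped before logging
          body |> URI.decode_query() |> Map.delete("password") |> IO.inspect()

          case Router.dispatch(request) do
            {:ok, response} -> send_resp(conn, 200, response)
            _ -> send_resp(conn, 404, "Not found")
          end
        end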

In the secure version of the function, we only log non-sensitive parts of the request. In this case, we remove the password from the body before logging it.
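
An allowlist variant of the compliant code, as an added example that is not part of the original page: deleting a single key still logs any other sensitive field a client sends, so this version logs values only for keys listed as safe. The module name, the key list and the sample body are assumptions made for illustration, and the body is assumed to be form-encoded.

```elixir
defmodule RequestLogging do
  @moduledoc """
  Added example (hypothetical module): allowlist-based logging of a
  form-encoded request body, using only the Elixir standard library.
  """
  require Logger

  # Assumption: the only fields considered safe to log for this endpoint.
  @loggable_keys ~w(username action locale)

  @doc """
  Returns a map that is safe to log. Allowlisted keys keep their values;
  every other key is kept but its value is replaced, so the log still shows
  which fields were sent without revealing what they contained.
  """
  def loggable(raw_body) when is_binary(raw_body) do
    raw_body
    |> URI.decode_query()
    |> Map.new(fn {key, value} ->
      if key in @loggable_keys, do: {key, value}, else: {key, "[REDACTED]"}
    end)
  end

  @doc "Logs the redacted view of the body through Logger instead of IO.inspect."
  def log_request(raw_body) do
    Logger.info("request params: #{inspect(loggable(raw_body))}")
  end
end

# Constructed sample body: password and card_number are not on the allowlist,
# so their values never reach the log, even though nobody listed them as secret.
body = "username=alice&password=s3cr3t&card_number=4111111111111111&action=login"
RequestLogging.log_request(body)
```

A field added to the request later is redacted by default until someone decides it is safe to log, which is the opposite failure mode from a denylist.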
