def check_detailed_exceptions
tracker.controllers.each do |_name, controller|
controller.methods_public.each do |method_name, definition|
src = definition[:src]
body = src.body.last
next unless body
if method_name == :show_detailed_exceptions? and not safe? body
if true? body
confidence = :high
else
confidence = :medium
end
warn :warning_type => "Information Disclosure",
:warning_code => :detailed_exceptions,
:message => msg("Detailed exceptions may be enabled in ", msg_code("show_detailed_exceptions?")),
:confidence => confidence,
:code => src,
:file => definition[:file]
end
end
end
end