Non-capturing catches
mikeymike opened this issue
Michael Woodward commented
Name: Caution with Catches
Brief
- You're writing a login validation service
- Call function X to validate password (which we provide)
- This will throw an exception with the password inside the message
- The library in use is wrongly providing the password in the exception message
- DO NOT USE!
- Print a generic message
- Call function X to validate password (which we provide)
Verification
- AST ensure that `$e` token isn't there.
- Check password is not in exception
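A sketch of the exercise and its verification in PHP 8, added here as an example and not code from the issue or the project. `validatePassword()` is a hypothetical stand-in for the provided "function X", and the check works on PHP's token stream rather than a full AST.

```php
<?php
declare(strict_types=1);

// Hypothetical stand-in for the provided "function X": it wrongly
// puts the password into the exception message.
function validatePassword(string $password): void
{
    if (strlen($password) < 12) {
        throw new InvalidArgumentException("Password '$password' is too short");
    }
}

// Non-capturing catch (PHP 8.0+): no variable is bound, so the message
// carrying the password cannot be echoed or logged from this handler.
function login(string $password): string
{
    try {
        validatePassword($password);
        return 'Login accepted';
    } catch (InvalidArgumentException) {
        return 'Invalid credentials';
    }
}

// Token-level check: list the variables bound by catch clauses in $source.
// An empty array means every catch is non-capturing.
function capturedCatchVariables(string $source): array
{
    $captured = [];
    $inCatch = false;
    foreach (PhpToken::tokenize($source) as $token) {
        if ($token->is(T_CATCH)) {
            $inCatch = true;
        } elseif ($inCatch && $token->is(T_VARIABLE)) {
            $captured[] = $token->text;
        } elseif ($inCatch && $token->text === ')') {
            $inCatch = false;
        }
    }
    return $captured;
}

// Constructed sample inputs.
$secret = 'hunter2';
$capturing = '<?php try { f(); } catch (Exception $e) { echo $e->getMessage(); }';
$nonCapturing = '<?php try { f(); } catch (Exception) { echo "Invalid credentials"; }';
var_dump(login($secret));
var_dump(str_contains(login($secret), $secret));
var_dump(capturedCatchVariables($capturing), capturedCatchVariables($nonCapturing));
```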