From b41c8fa4da39600cdbe7040f40cfa66529d9c01b Mon Sep 17 00:00:00 2001
From: "pixeebot-test[bot]" <123999551+pixeebot-test[bot]@users.noreply.github.com>
Date: Mon, 29 Jul 2024 21:39:02 +0000
Subject: [PATCH] (CodeQL) Fixed finding: "Prevent information leak of stack trace details to HTTP responses"
---
 .../owasp/webgoat/container/AjaxAuthenticationEntryPoint.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/main/java/org/owasp/webgoat/container/AjaxAuthenticationEntryPoint.java b/src/main/java/org/owasp/webgoat/container/AjaxAuthenticationEntryPoint.java
index 67b0cf9..1992a0e 100644
--- a/src/main/java/org/owasp/webgoat/container/AjaxAuthenticationEntryPoint.java
+++ b/src/main/java/org/owasp/webgoat/container/AjaxAuthenticationEntryPoint.java
@@ -51,7 +51,7 @@ public AjaxAuthenticationEntryPoint(String loginFormUrl) {
 @Override
 public void commence(HttpServletRequest request, HttpServletResponse response, AuthenticationException authException) throws IOException, ServletException {
 if (request.getHeader("x-requested-with") != null) {
- response.sendError(401, authException.getMessage());
+ response.sendError(401);
 } else {
 super.commence(request, response, authException);
 }
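Review bot: In the `x-requested-with` branch of `commence`, the new `response.sendError(401);` discards `authException` without recording it anywhere visible in the hunk, so a rejected AJAX request no longer leaves a reason that operators can investigate or alert on. Logging it server-side before the call keeps the detail out of the HTTP response while preserving it for detection, for example `log.debug("Authentication failed for AJAX request", authException);` (this assumes the class has an SLF4J-style logger, which the hunk does not show). The literal `401` would also read better as `HttpServletResponse.SC_UNAUTHORIZED`, since that type is already used in the method signature. The closing brace of `commence` lies outside the hunk.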