Forum Discussion

mw212's avatar
mw212
New Member
6 years ago

Sensitive Information Exposure: null/empty response body

I am using ReadyAPI 2.2.0 .I am using the predefined security tests with my API. While running the Invalid Types security scan, the assertion is failing due to:

Sensitive Information Exposure: null/empty response body

 

The particular parameter which is causing it to fail is utilized by a gateway - not my API. So it is not within my control to change it, nor would I expect any response if the value passed is invalid.

 

My problem is this - the assertion is failing due to null/empty response body. However when I open the "Sensitive Information Exposure" assertion, I do not see any such regex or rule in the list, so it seems I have no way of stopping or removing this assertion.

 

How can I remove or ignore this assertion since I am not concerned by it and am not able to control it?

No RepliesBe the first to reply