Fix security risk 'Improper Input Validation'

[sdc.git] / catalog-be / src / main / webapp / WEB-INF / web.xml

diff --git a/catalog-be/src/main/webapp/WEB-INF/web.xml b/catalog-be/src/main/webapp/WEB-INF/web.xml
index 7cbfd1a..9761b38 100644 (file)
--- a/catalog-be/src/main/webapp/WEB-INF/web.xml
+++ b/catalog-be/src/main/webapp/WEB-INF/web.xml
@@ -20,6 +20,7 @@
                 org.glassfish.jersey.media.multipart.MultiPartFeature,
                 org.openecomp.sdc.be.filters.BasicAuthenticationFilter,
                 org.openecomp.sdc.be.filters.BeServletFilter,
+                org.openecomp.sdc.be.filters.DataValidatorFilter,
                 org.openecomp.sdc.be.filters.ComponentsAvailabilityFilter,
                 org.glassfish.jersey.server.filter.RolesAllowedDynamicFeature,
                 org.openecomp.sdc.be.servlets.exception.DefaultExceptionMapper,
@@ -59,6 +60,7 @@
             <param-value>
                 org.glassfish.jersey.media.multipart.MultiPartFeature,
                 org.openecomp.sdc.be.filters.BeServletFilter,
+                org.openecomp.sdc.be.filters.DataValidatorFilter,
                 org.openecomp.sdc.be.filters.ComponentsAvailabilityFilter,
                 org.openecomp.sdc.be.servlets.exception.DefaultExceptionMapper,
                 org.openecomp.sdc.be.servlets.exception.ComponentExceptionMapper,
@@ -149,6 +151,18 @@
         <url-pattern>/sdc/*</url-pattern>
     </filter-mapping>
 
+    <filter>
+        <filter-name>dataValidatorFilter</filter-name>
+        <filter-class>
+            org.openecomp.sdc.be.filters.DataValidatorFilter
+        </filter-class>
+    </filter>
+    <filter-mapping>
+        <filter-name>dataValidatorFilter</filter-name>
+        <url-pattern>/sdc2/rest/*</url-pattern>
+        <url-pattern>/sdc/*</url-pattern>
+    </filter-mapping>
+
     <error-page>
         <exception-type>java.lang.RuntimeException</exception-type>
         <location>/sdc2/rest/v1/catalog/handleException/</location>