Code Review / sdc.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | review | tree
raw | inline | side by side
Fix high-severity bug 'application exposed to path traversal attack'
[sdc.git] / openecomp-ui / webapp-onboarding / WEB-INF / web.xml
diff --git a/openecomp-ui/webapp-onboarding/WEB-INF/web.xml b/openecomp-ui/webapp-onboarding/WEB-INF/web.xml
index 7840279..65b2bc4 100644 (file)
--- a/openecomp-ui/webapp-onboarding/WEB-INF/web.xml
+++ b/openecomp-ui/webapp-onboarding/WEB-INF/web.xml
@@ -1,8 +1,8 @@
 <?xml version="1.0" encoding="ISO-8859-1"?>
 <web-app xmlns="http://java.sun.com/xml/ns/javaee"
-         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-         xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
-         version="3.0">
+    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+    xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
+    version="3.0">
 
     <display-name>ASDC</display-name>
 
@@ -29,6 +29,11 @@
         <url-pattern>*.js</url-pattern>
     </servlet-mapping>
 
+    <context-param>
+        <param-name>org.eclipse.jetty.servlet.Default.dirAllowed</param-name>
+        <param-value>false</param-value>
+    </context-param>
+
     <servlet>
         <servlet-name>resources</servlet-name>
         <servlet-class>org.eclipse.jetty.servlet.DefaultServlet</servlet-class>
SDC Parent Project Catalog FE and BE