Revert "Fix critical cross site scripting"

author vasraz <vasyl.razinkov@est.tech>

Tue, 12 Oct 2021 14:18:52 +0000 (15:18 +0100)

committer Vasyl Razinkov <vasyl.razinkov@est.tech>

Tue, 12 Oct 2021 15:58:53 +0000 (15:58 +0000)
author vasraz <vasyl.razinkov@est.tech>
Tue, 12 Oct 2021 14:18:52 +0000 (15:18 +0100)
committer Vasyl Razinkov <vasyl.razinkov@est.tech>
Tue, 12 Oct 2021 15:58:53 +0000 (15:58 +0000)
diff --git a/catalog-fe/src/main/java/org/openecomp/sdc/fe/servlets/PortalServlet.java b/catalog-fe/src/main/java/org/openecomp/sdc/fe/servlets/PortalServlet.java

index 97c4ac6..6378b99 100644 (file)
--- a/catalog-fe/src/main/java/org/openecomp/sdc/fe/servlets/PortalServlet.java
+++ b/catalog-fe/src/main/java/org/openecomp/sdc/fe/servlets/PortalServlet.java
@@ -113,7 +113,7 @@ public class PortalServlet extends HttpServlet {
       * @throws IOException
       */
      private void addRequestHeadersUsingWebseal(final HttpServletRequest request, final HttpServletResponse response)
-        throws ServletException, IOException, CipherUtilException {
+        throws ServletException, IOException {
          response.setContentType("text/html");
          // Create new request object to dispatch
          MutableHttpServletRequest mutableRequest = new MutableHttpServletRequest(request);
@@ -243,13 +243,12 @@ public class PortalServlet extends HttpServlet {
       * @param request
       * @param headers
       */
-    private void addCookies(final HttpServletResponse response, final HttpServletRequest request, final String[] headers)
-        throws CipherUtilException {
+    private void addCookies(final HttpServletResponse response, final HttpServletRequest request, final String[] headers) {
          for (var i = 0; i < headers.length; i++) {
              final var currHeader = ValidationUtils.sanitizeInputString(headers[i]);
              final var headerValue = ValidationUtils.sanitizeInputString(request.getHeader(currHeader));
              if (headerValue != null) {
-                final var cookie = new Cookie(currHeader, CipherUtil.encryptPKC(headerValue));
+                final var cookie = new Cookie(currHeader, headerValue);
                  cookie.setSecure(true);
                  response.addCookie(cookie);
              }
author	vasraz <vasyl.razinkov@est.tech>
	Tue, 12 Oct 2021 14:18:52 +0000 (15:18 +0100)
committer	Vasyl Razinkov <vasyl.razinkov@est.tech>
	Tue, 12 Oct 2021 15:58:53 +0000 (15:58 +0000)