From: Malarvizhi Paramasivam <malarvizhi.44@wipro.com>
Date: Mon, 14 Jun 2021 10:04:10 +0000 (+0530)
Subject: Fix CRITICAL cross-site scripting (xss) issues identified in sonarcloud
X-Git-Tag: 3.0.5~6
X-Git-Url: https://gerrit.onap.org/r/gitweb?a=commitdiff_plain;ds=sidebyside;h=333a4acb10bd16e72436d37bf876c14836c2c6d9;p=optf%2Fosdf.git

Fix CRITICAL cross-site scripting (xss) issues identified in sonarcloud

Issue-ID: OPTFRA-966
Signed-off-by: Malarvizhi Paramasivam <malarvizhi.44@wipro.com>
Change-Id: I75825cd8b98c78712e7c727952e9602ace4ea1c0
---

diff --git a/solverapp.py b/solverapp.py
index 39f2670..a2df317 100644
--- a/solverapp.py
+++ b/solverapp.py
@@ -16,7 +16,8 @@
 # -------------------------------------------------------------------------
 #
 
-from flask import request, g
+from flask import request
+from markupsafe import Markup
 
 from osdf.apps.baseapp import app, run_app
 from osdf.logging.osdf_logging import audit_log
@@ -50,7 +51,7 @@ def opt_model_create_rest_api():
 def opt_get_model_rest_api(model_id):
     """Retrieve model data
     """
-
+    model_id = Markup.escape(model_id)
     return retrieve_model_data(model_id)