Code Review / aaf / authz.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | review | tree
raw | inline | side by side
Medium Vulnerabilities CodeFix: 1. URL Redirection 2. AAF-1111
[aaf/authz.git] / auth / auth-core / src / main / java / org / onap / aaf / auth / rserv / CachingFileAccess.java
diff --git a/auth/auth-core/src/main/java/org/onap/aaf/auth/rserv/CachingFileAccess.java b/auth/auth-core/src/main/java/org/onap/aaf/auth/rserv/CachingFileAccess.java
index cdda50d..b342c42 100644 (file)
--- a/auth/auth-core/src/main/java/org/onap/aaf/auth/rserv/CachingFileAccess.java
+++ b/auth/auth-core/src/main/java/org/onap/aaf/auth/rserv/CachingFileAccess.java
@@ -53,6 +53,7 @@ import org.onap.aaf.misc.env.EnvJAXB;
 import org.onap.aaf.misc.env.LogTarget;
 import org.onap.aaf.misc.env.Store;
 import org.onap.aaf.misc.env.Trans;
+import org.owasp.encoder.Encode;
 /*
  * CachingFileAccess
  *
@@ -429,9 +430,9 @@ public class CachingFileAccess<TRANS extends Trans> extends HttpCode<TRANS, Void
                     w.append(name);
                     w.append('/');
                 }
-                w.append(f.getName());
+                w.append(Encode.forJava(f.getName()));
                 w.append("\">");
-                w.append(f.getName());
+                w.append(Encode.forJava(f.getName()));
                 w.append("</a></li>\n");
             }
             w.append(F);
ARCHIVED- 2022-02-15 at the request of the project