Code Review / aaf / authz.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | review | tree
raw | inline | side by side
Medium Vulnerabilities CodeFix: 1. URL Redirection 2. AAF-1111
[aaf/authz.git] / auth / auth-locate / src / main / java / org / onap / aaf / auth / locate / facade / LocateFacadeImpl.java
diff --git a/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/facade/LocateFacadeImpl.java b/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/facade/LocateFacadeImpl.java
index 6710708..047663c 100644 (file)
--- a/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/facade/LocateFacadeImpl.java
+++ b/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/facade/LocateFacadeImpl.java
@@ -59,6 +59,7 @@ import org.onap.aaf.misc.env.Env;
 import org.onap.aaf.misc.env.TimeTaken;
 import org.onap.aaf.misc.rosetta.env.RosettaDF;
 import org.onap.aaf.misc.rosetta.env.RosettaData;
+import org.owasp.encoder.Encode;
 
 import locate_local.v1_0.Api;
 
@@ -266,7 +267,7 @@ public abstract class LocateFacadeImpl<IN,OUT,ENDPOINTS,MGMT_ENDPOINTS,CONFIGURA
         TimeTaken tt = trans.start(API_EXAMPLE, Env.SUB);
         try {
             String content =Examples.print(apiDF.getEnv(), nameOrContentType, optional);
-            resp.getOutputStream().print(content);
+            resp.getOutputStream().print(Encode.forJava(content));
             setContentType(resp,content.contains("<?xml")?TYPE.XML:TYPE.JSON);
             return Result.ok();
         } catch (Exception e) {
@@ -311,7 +312,7 @@ public abstract class LocateFacadeImpl<IN,OUT,ENDPOINTS,MGMT_ENDPOINTS,CONFIGURA
                     }
                 }
             }
-            resp.getOutputStream().println(output);
+            resp.getOutputStream().println(Encode.forJava(output));
             setContentType(resp,epDF.getOutType());
             return Result.ok();
         } catch (Exception e) {
ARCHIVED- 2022-02-15 at the request of the project