Fix X509 injection 25/96625/2
authorsebdet <sebastien.determe@intl.att.com>
Fri, 4 Oct 2019 14:12:51 +0000 (16:12 +0200)
committerSébastien Determe <sebastien.determe@intl.att.com>
Fri, 4 Oct 2019 14:14:40 +0000 (14:14 +0000)
Url Decode before using the certificate

Issue-ID: CLAMP-519
Change-Id: I7b0e9926a7ae6c50f2e5fafa73b20d733725b076
Signed-off-by: sebdet <sebastien.determe@intl.att.com>
src/main/java/org/onap/clamp/clds/filter/ClampCadiFilter.java

index 3a93942..7e104c7 100644 (file)
@@ -30,6 +30,8 @@ import java.io.ByteArrayInputStream;
 import java.io.File;
 import java.io.IOException;
 import java.io.InputStream;
+import java.net.URLDecoder;
+import java.nio.charset.StandardCharsets;
 import java.nio.file.StandardCopyOption;
 import java.security.cert.CertificateException;
 import java.security.cert.CertificateFactory;
@@ -142,7 +144,8 @@ public class ClampCadiFilter extends CadiFilter {
     public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
             throws IOException, ServletException {
         try {
-            String certHeader = ((HttpServletRequest) request).getHeader("X-SSL-Cert");
+            String certHeader = URLDecoder.decode(((HttpServletRequest) request).getHeader("X-SSL-Cert"),
+                    StandardCharsets.UTF_8.toString());
             if (certHeader != null) {
 
                 CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
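Review bot: The new `String certHeader = URLDecoder.decode(...)` line decodes the header before the `if (certHeader != null)` check, and `URLDecoder.decode` throws a NullPointerException for a null argument. A request without `X-SSL-Cert` therefore fails instead of skipping the certificate branch, and the null check can never be false. Read the header into `certHeader` as before and decode inside the existing check: `certHeader = URLDecoder.decode(certHeader, StandardCharsets.UTF_8.toString());`. The decoder also throws IllegalArgumentException on malformed percent escapes in this request-supplied header; the catch clauses of this `try` are outside the hunk, so confirm they turn that into a rejected request rather than an unhandled error. The body of `doFilter` continues past the end of the hunk.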