Fix CRITICAL cross-site scripting (xss) issues identified in sonarcloud

author Malarvizhi Paramasivam <malarvizhi.44@wipro.com>

Mon, 14 Jun 2021 10:04:10 +0000 (15:34 +0530)

committer Malarvizhi Paramasivam <malarvizhi.44@wipro.com>

Mon, 14 Jun 2021 10:04:10 +0000 (15:34 +0530)
author Malarvizhi Paramasivam <malarvizhi.44@wipro.com>
Mon, 14 Jun 2021 10:04:10 +0000 (15:34 +0530)
committer Malarvizhi Paramasivam <malarvizhi.44@wipro.com>
Mon, 14 Jun 2021 10:04:10 +0000 (15:34 +0530)
diff --git a/solverapp.py b/solverapp.py

index 39f2670..a2df317 100644 (file)
--- a/solverapp.py
+++ b/solverapp.py
@@ -16,7 +16,8 @@
  # -------------------------------------------------------------------------
  #
  
-from flask import request, g
+from flask import request
+from markupsafe import Markup
  
  from osdf.apps.baseapp import app, run_app
  from osdf.logging.osdf_logging import audit_log
@@ -50,7 +51,7 @@ def opt_model_create_rest_api():
  def opt_get_model_rest_api(model_id):
      """Retrieve model data
      """
-
+    model_id = Markup.escape(model_id)
      return retrieve_model_data(model_id)
author	Malarvizhi Paramasivam <malarvizhi.44@wipro.com>
	Mon, 14 Jun 2021 10:04:10 +0000 (15:34 +0530)
committer	Malarvizhi Paramasivam <malarvizhi.44@wipro.com>
	Mon, 14 Jun 2021 10:04:10 +0000 (15:34 +0530)