XSS Vulnerability fix in AppsController

[portal.git] / ecomp-portal-BE-common / src / main / java / org / onap / portalapp / validation / DataValidator.java

diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/validation/DataValidator.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/validation/DataValidator.java
index 46a60c8..9fe3a88 100644 (file)
--- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/validation/DataValidator.java
+++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/validation/DataValidator.java
@@ -47,15 +47,25 @@ import org.springframework.stereotype.Component;
 
 @Component
 public class DataValidator {
-       private static final ValidatorFactory VALIDATOR_FACTORY  = Validation.buildDefaultValidatorFactory();
+       private volatile static ValidatorFactory VALIDATOR_FACTORY;
 
-       public <E> Set<ConstraintViolation<E>> getConstraintViolations(E classToValid){
+       public DataValidator() {
+              if (VALIDATOR_FACTORY == null) {
+                     synchronized (DataValidator.class) {
+                            if (VALIDATOR_FACTORY == null) {
+                                   VALIDATOR_FACTORY = Validation.buildDefaultValidatorFactory();
+                            }
+                     }
+              }
+       }
+
+       public <E> Set<ConstraintViolation<E>> getConstraintViolations(E classToValid) {
               Validator validator = VALIDATOR_FACTORY.getValidator();
               Set<ConstraintViolation<E>> constraintViolations = validator.validate(classToValid);
               return constraintViolations;
        }
 
-       public <E> boolean isValid(E classToValid){
+       public <E> boolean isValid(E classToValid) {
               Set<ConstraintViolation<E>> constraintViolations = getConstraintViolations(classToValid);
               return constraintViolations.isEmpty();
        }