Code Review / portal.git / commit
? search:
summary | shortlog | log | commit | commitdiff | review | tree
(parent: c5b960e) | patch
XSS Vulnerability fix in DashboardSearchResultController 40/88840/1
authorDominik Mizyn <d.mizyn@samsung.com>
Thu, 30 May 2019 08:47:56 +0000 (10:47 +0200)
committerDominik Mizyn <d.mizyn@samsung.com>
Thu, 30 May 2019 08:48:13 +0000 (10:48 +0200)
commit1f4d93651fdc71e0b661728a7c7efc9b4f524b5a
treefdf232903f5ea43b9d8659758b169bc6dbdff2edtree | snapshot
parentc5b960eaa66fcfdd69c4a8201d2c0ff8ee1253a8commit | diff
XSS Vulnerability fix in DashboardSearchResultController

@SafeHtml annotation is used to fix this problem.
New class 'SecureString' must be added to project to valid incoming Strings
from '@RequestParam String incoming String'
pom.xml file update.

This patch also fix:
* remove unnecessary semicolon
* Sonar issue: Replace the type specification in this constructor call with
 the diamond operator ("<>")

Issue-ID: PORTAL-601
Change-Id: Id214b6e65f0c486141679fd23725a7fb66443acd
Signed-off-by: Dominik Mizyn <d.mizyn@samsung.com>
ecomp-portal-BE-common/pom.xml diff | blob | history
ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/DashboardSearchResultController.java diff | blob | history
ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/CommonWidget.java diff | blob | history
ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/CommonWidgetMeta.java diff | blob | history
ecomp-portal-BE-common/src/main/java/org/onap/portalapp/validation/SecureString.java [new file with mode: 0644] blob
ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/controller/DashboardSearchResultControllerTest.java diff | blob | history
ARCHIVED- 2022-02-15 at the request of the project