From 72a2f45de200bb556fb3f7b4dde2b66e251609d1 Mon Sep 17 00:00:00 2001 From: Kishore Reddy Dwaram Date: Thu, 4 Feb 2021 14:17:21 -0500 Subject: [PATCH] Changes done to improve error log percentage Issue-ID: PORTAL-1060 Signed-off-by: Kishore Reddy Dwaram Change-Id: I68da1e117c71ccfd88251d868827ae571ada9349 --- .../main/java/org/onap/portalapp/filter/SecurityXssValidator.java | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/ecomp-portal-BE-os/src/main/java/org/onap/portalapp/filter/SecurityXssValidator.java b/ecomp-portal-BE-os/src/main/java/org/onap/portalapp/filter/SecurityXssValidator.java index 3adc313a..cc4ba85f 100644 --- a/ecomp-portal-BE-os/src/main/java/org/onap/portalapp/filter/SecurityXssValidator.java +++ b/ecomp-portal-BE-os/src/main/java/org/onap/portalapp/filter/SecurityXssValidator.java @@ -160,18 +160,21 @@ public class SecurityXssValidator { logger.info(EELFLoggerDelegate.applicationLogger, "denyXSS() replacing ×eclgn with empty string for request value : " + value); value=value.replaceAll("×eclgn", ""); } + while(value.contains("%25")) { + value = value.replaceAll("%25", "%"); + } value = ESAPI.encoder().canonicalize(value); for (Pattern xssInputPattern : XSS_INPUT_PATTERNS) { if (xssInputPattern.matcher(value).matches()) { flag = Boolean.TRUE; break; } - } } } catch (Exception e) { - logger.error(EELFLoggerDelegate.errorLogger, "denyXSS() failed for request with value : " + value, e); + logger.error(EELFLoggerDelegate.errorLogger, "denyXSS() failed for request with value : " + e.getMessage()); + logger.debug(EELFLoggerDelegate.debugLogger, "denyXSS() failed for request with value : " + value, e); } return flag; @@ -208,6 +211,5 @@ public class SecurityXssValidator { public void setXSS_INPUT_PATTERNS(List xSS_INPUT_PATTERNS) { XSS_INPUT_PATTERNS = xSS_INPUT_PATTERNS; } - } \ No newline at end of file -- 2.16.6