summaryrefslogtreecommitdiffstats
path: root/auth/auth-cmd
diff options
context:
space:
mode:
authorRaviteja Cherughattu <rc835m@att.com>2020-05-27 12:08:55 -0500
committerRaviteja Cherughattu <rc835m@att.com>2020-06-02 14:38:56 -0500
commit16c3995a89892b1dad4dab7df0f6200ac8b09f92 (patch)
treec08006099c726b5fb6bf56672444ae114f821fe1 /auth/auth-cmd
parent03bc32d07bdd8e2698a1bdede972ff5aa43f9759 (diff)
Medium Vulnerabilities CodeFix: 1. URL Redirection 2. AAF-1111
Issue-ID: AAF-1115 Change-Id: I05d8d7a19236ad476d2a37b51a6c4a84ba2b8546 Signed-off-by: Raviteja Cherughattu <rc835m@att.com>
Diffstat (limited to 'auth/auth-cmd')
-rw-r--r--auth/auth-cmd/pom.xml6
-rw-r--r--auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/Cmd.java3
2 files changed, 7 insertions, 2 deletions
diff --git a/auth/auth-cmd/pom.xml b/auth/auth-cmd/pom.xml
index 7133a5b1..01ec4ec9 100644
--- a/auth/auth-cmd/pom.xml
+++ b/auth/auth-cmd/pom.xml
@@ -178,7 +178,11 @@
<artifactId>jline</artifactId>
<version>2.14.2</version>
</dependency>
-
+ <dependency>
+ <groupId>org.owasp.encoder</groupId>
+ <artifactId>encoder</artifactId>
+ <version>1.2.1</version>
+ </dependency>
</dependencies>
<distributionManagement>
diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/Cmd.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/Cmd.java
index 0ae4ce99..40616abc 100644
--- a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/Cmd.java
+++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/Cmd.java
@@ -54,6 +54,7 @@ import aaf.v2_0.History;
import aaf.v2_0.History.Item;
import aaf.v2_0.Request;
+import org.owasp.encoder.Encode;
public abstract class Cmd {
// Sonar claims DateFormat is not thread safe. Leave as Instance Variable.
@@ -272,7 +273,7 @@ public abstract class Cmd {
sb.append(", ");
sb.append(desc);
}
- pw().println(sb);
+ pw().println(Encode.forJava(sb.toString()));
}