author | Raviteja Cherughattu <rc835m@att.com> | 2020-05-27 12:08:55 -0500 |
---|---|---|
committer | Raviteja Cherughattu <rc835m@att.com> | 2020-06-02 14:38:56 -0500 |
commit | 16c3995a89892b1dad4dab7df0f6200ac8b09f92 (patch) | |
tree | c08006099c726b5fb6bf56672444ae114f821fe1 /auth/auth-cmd | |
parent | 03bc32d07bdd8e2698a1bdede972ff5aa43f9759 (diff) |
Medium Vulnerabilities CodeFix: 1. URL Redirection 2. AAF-1111
Issue-ID: AAF-1115
Change-Id: I05d8d7a19236ad476d2a37b51a6c4a84ba2b8546
Signed-off-by: Raviteja Cherughattu <rc835m@att.com>
Diffstat (limited to 'auth/auth-cmd')
-rw-r--r-- | auth/auth-cmd/pom.xml | 6 | ||||
-rw-r--r-- | auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/Cmd.java | 3 |
2 files changed, 7 insertions, 2 deletions
diff --git a/auth/auth-cmd/pom.xml b/auth/auth-cmd/pom.xml
index 7133a5b1..01ec4ec9 100644
--- a/auth/auth-cmd/pom.xml
+++ b/auth/auth-cmd/pom.xml
@@ -178,7 +178,11 @@
 <artifactId>jline</artifactId>
 <version>2.14.2</version>
 </dependency>
-
+ <dependency>
+ <groupId>org.owasp.encoder</groupId>
+ <artifactId>encoder</artifactId>
+ <version>1.2.1</version>
+ </dependency>
 </dependencies>
 <distributionManagement>
diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/Cmd.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/Cmd.java
index 0ae4ce99..40616abc 100644
--- a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/Cmd.java
+++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/Cmd.java
@@ -54,6 +54,7 @@ import aaf.v2_0.History;
 import aaf.v2_0.History.Item;
 import aaf.v2_0.Request;
+import org.owasp.encoder.Encode;
 public abstract class Cmd {
 // Sonar claims DateFormat is not thread safe. Leave as Instance Variable.
@@ -272,7 +273,7 @@ public abstract class Cmd {
 sb.append(", ");
 sb.append(desc);
 }
- pw().println(sb);
+ pw().println(Encode.forJava(sb.toString()));
 }
|
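Review bot: `Encode.forJava` on the new `pw().println(...)` line applies Java string-literal escaping to text that is printed for a person to read, so every quote, apostrophe or backslash in `desc` (or anything else already in `sb`) now comes out with a backslash in front of it, and an embedded line break is printed as a literal `\n`. If the finding being closed is about control characters in appended values reaching the terminal or a captured log, a filter aimed at just those keeps the output readable, for example `pw().println(sb.toString().replaceAll("[\\p{Cntrl}&&[^\\n\\t]]", "?"));`, which would also make the `org.owasp.encoder` import and the pom.xml dependency added in the other two hunks unnecessary. The method that builds `sb` starts outside the hunk, so whether it is expected to carry line breaks, and where its values come from, cannot be confirmed from here. Whichever form is kept, a short comment on that line naming the output context (`// neutralise control characters before printing`) would stop a later reader from taking the call for HTML or URL escaping.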