summaryrefslogtreecommitdiffstats
path: root/auth/auth-hello/src/main
diff options
context:
space:
mode:
authorRaviteja Cherughattu <rc835m@att.com>2020-07-29 14:36:17 -0500
committerRaviteja Cherughattu <rc835m@att.com>2020-07-29 14:36:17 -0500
commitbdb54b7c8a5df0e686490658067c9013ee43dd7a (patch)
treece291e2172a5440d877baedf6214c84823c21c13 /auth/auth-hello/src/main
parentde75a11f03d87b53f7a2b5525c8fc66f6053aef2 (diff)
Medium Vulnerabilities CodeFix: Revert [Ref ID: 108330]
Issue-ID: AAF-1115 Change-Id: I8e503ee84eb2771edbf2ed94f5d7f8f2e20812c7 Signed-off-by: Raviteja Cherughattu <rc835m@att.com>
Diffstat (limited to 'auth/auth-hello/src/main')
-rw-r--r--auth/auth-hello/src/main/java/org/onap/aaf/auth/hello/API_Hello.java10
1 files changed, 4 insertions, 6 deletions
diff --git a/auth/auth-hello/src/main/java/org/onap/aaf/auth/hello/API_Hello.java b/auth/auth-hello/src/main/java/org/onap/aaf/auth/hello/API_Hello.java
index cdaa6a76..4ffb1787 100644
--- a/auth/auth-hello/src/main/java/org/onap/aaf/auth/hello/API_Hello.java
+++ b/auth/auth-hello/src/main/java/org/onap/aaf/auth/hello/API_Hello.java
@@ -35,8 +35,6 @@ import org.onap.aaf.auth.rserv.HttpMethods;
import org.onap.aaf.misc.env.Env;
import org.onap.aaf.misc.env.TimeTaken;
-import org.owasp.encoder.Encode;
-
/**
* API Apis
* @author Jonathan
@@ -72,7 +70,7 @@ public class API_Hello {
String perm = pathParam(req, "perm");
if (perm!=null && perm.length()>0) {
os.print('(');
- os.print(Encode.forJava(req.getUserPrincipal().getName()));
+ os.print(req.getUserPrincipal().getName());
TimeTaken tt = trans.start("Authorize perm", Env.REMOTE);
try {
if (req.isUserInRole(perm)) {
@@ -84,7 +82,7 @@ public class API_Hello {
tt.done();
}
os.print("Permission: ");
- os.print(Encode.forJava(perm));
+ os.print(perm);
os.print(')');
}
os.println();
@@ -146,7 +144,7 @@ public class API_Hello {
}
sb.append("}");
ServletOutputStream os = resp.getOutputStream();
- os.println(Encode.forJava(sb.toString()));
+ os.println(sb.toString());
trans.info().printf("Said 'RESTful Hello' to %s, Authentication type: %s",trans.getUserPrincipal().getName(),trans.getUserPrincipal().getClass().getSimpleName());
}
},APPLICATION_JSON);
@@ -166,7 +164,7 @@ public class API_Hello {
trans.info().printf("Content from %s: %s\n", pathParam(req, ":id"),content);
if (content.startsWith("{") && content.endsWith("}")) {
resp.setStatus(200 /* OK */);
- resp.getOutputStream().print(Encode.forJava(content));
+ resp.getOutputStream().print(content);
} else {
resp.getOutputStream().write(NOT_JSON);
resp.setStatus(406);