diff options
| author |   Raviteja Cherughattu <rc835m@att.com> | 2020-07-29 14:36:17 -0500 |
|---|---|---|
| committer | Raviteja Cherughattu <rc835m@att.com> | 2020-07-29 14:36:17 -0500 |
| commit | bdb54b7c8a5df0e686490658067c9013ee43dd7a (patch) | |
| tree | ce291e2172a5440d877baedf6214c84823c21c13 /auth/auth-hello | |
| parent | de75a11f03d87b53f7a2b5525c8fc66f6053aef2 (diff) | |
Medium Vulnerabilities CodeFix: Revert [Ref ID: 108330]
Issue-ID: AAF-1115
Change-Id: I8e503ee84eb2771edbf2ed94f5d7f8f2e20812c7
Signed-off-by: Raviteja Cherughattu <rc835m@att.com>
Diffstat (limited to 'auth/auth-hello')
| -rw-r--r-- | auth/auth-hello/pom.xml | 7 | ||||
| -rw-r--r-- | auth/auth-hello/src/main/java/org/onap/aaf/auth/hello/API_Hello.java | 10 |
2 files changed, 5 insertions, 12 deletions
diff --git a/auth/auth-hello/pom.xml b/auth/auth-hello/pom.xml index f9a420f9..676ca3ea 100644 --- a/auth/auth-hello/pom.xml +++ b/auth/auth-hello/pom.xml @@ -54,12 +54,7 @@ <dependency> <groupId>org.onap.aaf.authz</groupId> <artifactId>aaf-cadi-aaf</artifactId> - </dependency> - <dependency> - <groupId>org.owasp.encoder</groupId> - <artifactId>encoder</artifactId> - <version>1.2.1</version> - </dependency> + </dependency> </dependencies> diff --git a/auth/auth-hello/src/main/java/org/onap/aaf/auth/hello/API_Hello.java b/auth/auth-hello/src/main/java/org/onap/aaf/auth/hello/API_Hello.java index cdaa6a76..4ffb1787 100644 --- a/auth/auth-hello/src/main/java/org/onap/aaf/auth/hello/API_Hello.java +++ b/auth/auth-hello/src/main/java/org/onap/aaf/auth/hello/API_Hello.java @@ -35,8 +35,6 @@ import org.onap.aaf.auth.rserv.HttpMethods; import org.onap.aaf.misc.env.Env; import org.onap.aaf.misc.env.TimeTaken; -import org.owasp.encoder.Encode; - /** * API Apis * @author Jonathan @@ -72,7 +70,7 @@ public class API_Hello { String perm = pathParam(req, "perm"); if (perm!=null && perm.length()>0) { os.print('('); - os.print(Encode.forJava(req.getUserPrincipal().getName())); + os.print(req.getUserPrincipal().getName()); TimeTaken tt = trans.start("Authorize perm", Env.REMOTE); try { if (req.isUserInRole(perm)) { @@ -84,7 +82,7 @@ public class API_Hello { tt.done(); } os.print("Permission: "); - os.print(Encode.forJava(perm)); + os.print(perm); os.print(')'); } os.println(); @@ -146,7 +144,7 @@ public class API_Hello { } sb.append("}"); ServletOutputStream os = resp.getOutputStream(); - os.println(Encode.forJava(sb.toString())); + os.println(sb.toString()); trans.info().printf("Said 'RESTful Hello' to %s, Authentication type: %s",trans.getUserPrincipal().getName(),trans.getUserPrincipal().getClass().getSimpleName()); } },APPLICATION_JSON); @@ -166,7 +164,7 @@ public class API_Hello { trans.info().printf("Content from %s: %s\n", pathParam(req, ":id"),content); if (content.startsWith("{") && content.endsWith("}")) { resp.setStatus(200 /* OK */); - resp.getOutputStream().print(Encode.forJava(content)); + resp.getOutputStream().print(content); } else { resp.getOutputStream().write(NOT_JSON); resp.setStatus(406); |