diff options
author | Raviteja Cherughattu <rc835m@att.com> | 2020-05-27 12:08:55 -0500 |
---|---|---|
committer | Raviteja Cherughattu <rc835m@att.com> | 2020-06-02 14:38:56 -0500 |
commit | 16c3995a89892b1dad4dab7df0f6200ac8b09f92 (patch) | |
tree | c08006099c726b5fb6bf56672444ae114f821fe1 /cadi/client/src/main/java | |
parent | 03bc32d07bdd8e2698a1bdede972ff5aa43f9759 (diff) |
Medium Vulnerabilities CodeFix: 1. URL Redirection 2. AAF-1111
Issue-ID: AAF-1115
Change-Id: I05d8d7a19236ad476d2a37b51a6c4a84ba2b8546
Signed-off-by: Raviteja Cherughattu <rc835m@att.com>
Diffstat (limited to 'cadi/client/src/main/java')
-rw-r--r-- | cadi/client/src/main/java/org/onap/aaf/cadi/http/HClient.java | 10 |
1 files changed, 7 insertions, 3 deletions
diff --git a/cadi/client/src/main/java/org/onap/aaf/cadi/http/HClient.java b/cadi/client/src/main/java/org/onap/aaf/cadi/http/HClient.java index c7b2605f..898b99c9 100644 --- a/cadi/client/src/main/java/org/onap/aaf/cadi/http/HClient.java +++ b/cadi/client/src/main/java/org/onap/aaf/cadi/http/HClient.java @@ -47,7 +47,7 @@ import org.onap.aaf.misc.env.Data; import org.onap.aaf.misc.env.Data.TYPE; import org.onap.aaf.misc.env.util.Pool.Pooled; import org.onap.aaf.misc.rosetta.env.RosettaDF; - +import org.owasp.encoder.Encode; /** * Low Level Http Client Mechanism. Chances are, you want the high level "HRcli" * for Rosetta Object Translation @@ -396,8 +396,10 @@ public class HClient implements EClient<HttpURLConnection> { // reuse Buffers Pooled<byte[]> pbuff = Rcli.buffPool.get(); try { + String strTemp; while ((read=is.read(pbuff.content))>=0) { - os.write(pbuff.content,0,read); + strTemp = new String(pbuff.content,0,read); + os.write(Encode.forJava(strTemp).getBytes()); } } finally { pbuff.done(); @@ -412,8 +414,10 @@ public class HClient implements EClient<HttpURLConnection> { errContent = new StringBuilder(); Pooled<byte[]> pbuff = Rcli.buffPool.get(); try { + String strTemp; while ((read=is.read(pbuff.content))>=0) { - os.write(pbuff.content,0,read); + strTemp = new String(pbuff.content,0,read); + os.write(Encode.forJava(strTemp).getBytes()); } } finally { pbuff.done(); |