From bdb54b7c8a5df0e686490658067c9013ee43dd7a Mon Sep 17 00:00:00 2001
From: Raviteja Cherughattu <rc835m@att.com>
Date: Wed, 29 Jul 2020 14:36:17 -0500
Subject: Medium Vulnerabilities CodeFix: Revert [Ref ID: 108330]

Issue-ID: AAF-1115
Change-Id: I8e503ee84eb2771edbf2ed94f5d7f8f2e20812c7
Signed-off-by: Raviteja Cherughattu <rc835m@att.com>
---
 auth/auth-locate/pom.xml                                           | 7 +------
 .../src/main/java/org/onap/aaf/auth/locate/api/API_AAFAccess.java  | 5 ++---
 .../java/org/onap/aaf/auth/locate/facade/LocateFacadeImpl.java     | 5 ++---
 3 files changed, 5 insertions(+), 12 deletions(-)

(limited to 'auth/auth-locate')

diff --git a/auth/auth-locate/pom.xml b/auth/auth-locate/pom.xml
index 71fcfa98..e1103eca 100644
--- a/auth/auth-locate/pom.xml
+++ b/auth/auth-locate/pom.xml
@@ -77,12 +77,7 @@
         <dependency>
             <groupId>org.onap.aaf.authz</groupId>
             <artifactId>aaf-misc-rosetta</artifactId>
-        </dependency>
-        <dependency>		
-			<groupId>org.owasp.encoder</groupId>		
-			<artifactId>encoder</artifactId>		
-			<version>1.2.1</version>		
-		</dependency>
+        </dependency>        
         
     </dependencies>
 
diff --git a/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/api/API_AAFAccess.java b/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/api/API_AAFAccess.java
index 2bb497a0..2076e847 100644
--- a/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/api/API_AAFAccess.java
+++ b/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/api/API_AAFAccess.java
@@ -53,7 +53,6 @@ import org.onap.aaf.cadi.client.Retryable;
 import org.onap.aaf.misc.env.APIException;
 import org.onap.aaf.misc.env.Env;
 import org.onap.aaf.misc.env.TimeTaken;
-import org.owasp.encoder.Encode;
 
 public class API_AAFAccess {
 //    private static String service, version, envContext;
@@ -105,7 +104,7 @@ public class API_AAFAccess {
                                         ServletOutputStream sos;
                                         try {
                                             sos = resp.getOutputStream();
-                                            sos.print(Encode.forJava(fp.value));
+                                            sos.print(fp.value);
                                         } catch (IOException e) {
                                             throw new CadiException(e);
                                         }
@@ -123,7 +122,7 @@ public class API_AAFAccess {
                         User u = (User)d.data.get(0);
                         resp.setStatus(u.code);
                         ServletOutputStream sos = resp.getOutputStream();
-                        sos.print(Encode.forJava(u.resp));
+                        sos.print(u.resp);
                     }
                 } finally {
                     tt.done();
diff --git a/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/facade/LocateFacadeImpl.java b/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/facade/LocateFacadeImpl.java
index 047663c3..67107088 100644
--- a/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/facade/LocateFacadeImpl.java
+++ b/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/facade/LocateFacadeImpl.java
@@ -59,7 +59,6 @@ import org.onap.aaf.misc.env.Env;
 import org.onap.aaf.misc.env.TimeTaken;
 import org.onap.aaf.misc.rosetta.env.RosettaDF;
 import org.onap.aaf.misc.rosetta.env.RosettaData;
-import org.owasp.encoder.Encode;
 
 import locate_local.v1_0.Api;
 
@@ -267,7 +266,7 @@ public abstract class LocateFacadeImpl<IN,OUT,ENDPOINTS,MGMT_ENDPOINTS,CONFIGURA
         TimeTaken tt = trans.start(API_EXAMPLE, Env.SUB);
         try {
             String content =Examples.print(apiDF.getEnv(), nameOrContentType, optional);
-            resp.getOutputStream().print(Encode.forJava(content));
+            resp.getOutputStream().print(content);
             setContentType(resp,content.contains("<?xml")?TYPE.XML:TYPE.JSON);
             return Result.ok();
         } catch (Exception e) {
@@ -312,7 +311,7 @@ public abstract class LocateFacadeImpl<IN,OUT,ENDPOINTS,MGMT_ENDPOINTS,CONFIGURA
                     }
                 }
             }
-            resp.getOutputStream().println(Encode.forJava(output));
+            resp.getOutputStream().println(output);
             setContentType(resp,epDF.getOutType());
             return Result.ok();
         } catch (Exception e) {
-- 
cgit 1.2.3-korg