From de75a11f03d87b53f7a2b5525c8fc66f6053aef2 Mon Sep 17 00:00:00 2001
From: Raviteja Cherughattu <rc835m@att.com>
Date: Wed, 29 Jul 2020 11:49:13 -0500
Subject: Medium Vulnerabilities: Reverting the changes done towards Locate &
 FS

Issue-ID: AAF-1115
Change-Id: Ia26cb13d5105d6bad97503c8a85607f01e956478
Signed-off-by: Raviteja Cherughattu <rc835m@att.com>
---
 auth/auth-locate/pom.xml                                       |  5 -----
 .../main/java/org/onap/aaf/auth/locate/api/API_AAFAccess.java  | 10 +++-------
 2 files changed, 3 insertions(+), 12 deletions(-)

(limited to 'auth/auth-locate')

diff --git a/auth/auth-locate/pom.xml b/auth/auth-locate/pom.xml
index 36585989..71fcfa98 100644
--- a/auth/auth-locate/pom.xml
+++ b/auth/auth-locate/pom.xml
@@ -83,11 +83,6 @@
 			<artifactId>encoder</artifactId>		
 			<version>1.2.1</version>		
 		</dependency>
-		<dependency>	
-            <groupId>org.owasp.esapi</groupId>	
-			<artifactId>esapi</artifactId>	
-			<version>2.0.1</version>	
-        </dependency>
         
     </dependencies>
 
diff --git a/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/api/API_AAFAccess.java b/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/api/API_AAFAccess.java
index 7b23c89c..2bb497a0 100644
--- a/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/api/API_AAFAccess.java
+++ b/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/api/API_AAFAccess.java
@@ -53,8 +53,6 @@ import org.onap.aaf.cadi.client.Retryable;
 import org.onap.aaf.misc.env.APIException;
 import org.onap.aaf.misc.env.Env;
 import org.onap.aaf.misc.env.TimeTaken;
-import org.owasp.esapi.errors.AccessControlException;
-import org.owasp.esapi.reference.DefaultHTTPUtilities;
 import org.owasp.encoder.Encode;
 
 public class API_AAFAccess {
@@ -259,7 +257,7 @@ public class API_AAFAccess {
         });
     }
 
-    private static void redirect(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp, LocateFacade context, Locator<URI> loc, String path) throws IOException, AccessControlException {
+    private static void redirect(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp, LocateFacade context, Locator<URI> loc, String path) throws IOException {
         try {
             if (loc.hasItems()) {
                 Item item = loc.best();
@@ -272,10 +270,8 @@ public class API_AAFAccess {
                     redirectURL.append('?');
                     redirectURL.append(str);
                 }
-                trans.info().log("Redirect to",redirectURL);
-                DefaultHTTPUtilities util = new DefaultHTTPUtilities();            	
-                util.sendRedirect(redirectURL.toString());                
-                //resp.sendRedirect(redirectURL.toString());
+                trans.info().log("Redirect to",redirectURL);              
+                resp.sendRedirect(redirectURL.toString());
             } else {
                 context.error(trans, resp, Result.err(Result.ERR_NotFound,"No Locations found for redirection"));
             }
-- 
cgit 1.2.3-korg