aboutsummaryrefslogtreecommitdiffstats
path: root/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/NodeServlet.java
diff options
context:
space:
mode:
Diffstat (limited to 'datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/NodeServlet.java')
-rw-r--r--datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/NodeServlet.java7
1 files changed, 7 insertions, 0 deletions
diff --git a/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/NodeServlet.java b/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/NodeServlet.java
index 0d030683..27fa5f3e 100644
--- a/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/NodeServlet.java
+++ b/datarouter-node/src/main/java/org/onap/dmaap/datarouter/node/NodeServlet.java
@@ -253,6 +253,13 @@ public class NodeServlet extends HttpServlet {
return;
}
fileid = fileid.substring(18);
+ if (req.getHeader("X-DMAAP-DR-PUBLISH-ID") != null && !req.getHeader("X-DMAAP-DR-PUBLISH-ID").matches("^[a-zA-Z0-9_]+$")) {
+ String reason = "Error validating header";
+ eelfLogger.error(reason);
+ resp.sendError(HttpServletResponse.SC_BAD_REQUEST, reason);
+ eelfLogger.info(EelfMsgs.EXIT);
+ return;
+ }
pubid = req.getHeader("X-DMAAP-DR-PUBLISH-ID");
user = "datartr"; // SP6 : Added usr as datartr to avoid null entries for internal routing
targets = config.parseRouting(req.getHeader("X-DMAAP-DR-ROUTING"));