Fix CRITICAL cross-site scripting (xss) issues identified in sonarcloud

Issue-ID: OPTFRA-966 Signed-off-by: Malarvizhi Paramasivam <malarvizhi.44@wipro.com> Change-Id: I75825cd8b98c78712e7c727952e9602ace4ea1c0
author: Malarvizhi Paramasivam <malarvizhi.44@wipro.com> 2021-06-14 15:34:10 +0530
committer: Malarvizhi Paramasivam <malarvizhi.44@wipro.com> 2021-06-14 15:34:10 +0530
commit: 333a4acb10bd16e72436d37bf876c14836c2c6d9 (patch)
tree: 52a945fb4e17bb8705e64c98b4e6496309960407 /solverapp.py
parent: 1176c145328a61f314ccba63c4083d2d1990d4dc (diff)
1 files changed, 3 insertions, 2 deletions
diff --git a/solverapp.py b/solverapp.py
index 39f2670..a2df317 100644
--- a/solverapp.py
+++ b/solverapp.py
@@ -16,7 +16,8 @@
 # -------------------------------------------------------------------------
 #
 
-from flask import request, g
+from flask import request
+from markupsafe import Markup
 
 from osdf.apps.baseapp import app, run_app
 from osdf.logging.osdf_logging import audit_log
@@ -50,7 +51,7 @@ def opt_model_create_rest_api():
 def opt_get_model_rest_api(model_id):
     """Retrieve model data
     """
-
+    model_id = Markup.escape(model_id)
     return retrieve_model_data(model_id)
author	Malarvizhi Paramasivam <malarvizhi.44@wipro.com>	2021-06-14 15:34:10 +0530
committer	Malarvizhi Paramasivam <malarvizhi.44@wipro.com>	2021-06-14 15:34:10 +0530
commit	333a4acb10bd16e72436d37bf876c14836c2c6d9 (patch)
tree	52a945fb4e17bb8705e64c98b4e6496309960407 /solverapp.py
parent	1176c145328a61f314ccba63c4083d2d1990d4dc (diff)