diff options
author | Sébastien Determe <sebastien.determe@intl.att.com> | 2019-10-04 14:26:21 +0000 |
---|---|---|
committer | Gerrit Code Review <gerrit@onap.org> | 2019-10-04 14:26:21 +0000 |
commit | 9961ca616538f9fd3931d03cf2aec9344c11609d (patch) | |
tree | ffbe8d2be776f900581e1568ddd003416fe25ed7 | |
parent | d58ae1b2ca0819924d4c6df78a0613441398befb (diff) | |
parent | ad99ac2d9c4f9c9ea15d7f0b11863bb28b0a7b23 (diff) |
Merge "Fix X509 injection"
-rw-r--r-- | src/main/java/org/onap/clamp/clds/filter/ClampCadiFilter.java | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/src/main/java/org/onap/clamp/clds/filter/ClampCadiFilter.java b/src/main/java/org/onap/clamp/clds/filter/ClampCadiFilter.java index 3a9394227..7e104c74b 100644 --- a/src/main/java/org/onap/clamp/clds/filter/ClampCadiFilter.java +++ b/src/main/java/org/onap/clamp/clds/filter/ClampCadiFilter.java @@ -30,6 +30,8 @@ import java.io.ByteArrayInputStream; import java.io.File; import java.io.IOException; import java.io.InputStream; +import java.net.URLDecoder; +import java.nio.charset.StandardCharsets; import java.nio.file.StandardCopyOption; import java.security.cert.CertificateException; import java.security.cert.CertificateFactory; @@ -142,7 +144,8 @@ public class ClampCadiFilter extends CadiFilter { public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { try { - String certHeader = ((HttpServletRequest) request).getHeader("X-SSL-Cert"); + String certHeader = URLDecoder.decode(((HttpServletRequest) request).getHeader("X-SSL-Cert"), + StandardCharsets.UTF_8.toString()); if (certHeader != null) { CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509"); |