summaryrefslogtreecommitdiffstats
path: root/ONAP-PAP-REST/src/main/java/org/onap/policy/pap/xacml/rest/controller/PushPolicyController.java
diff options
context:
space:
mode:
Diffstat (limited to 'ONAP-PAP-REST/src/main/java/org/onap/policy/pap/xacml/rest/controller/PushPolicyController.java')
-rw-r--r--ONAP-PAP-REST/src/main/java/org/onap/policy/pap/xacml/rest/controller/PushPolicyController.java9
1 files changed, 6 insertions, 3 deletions
diff --git a/ONAP-PAP-REST/src/main/java/org/onap/policy/pap/xacml/rest/controller/PushPolicyController.java b/ONAP-PAP-REST/src/main/java/org/onap/policy/pap/xacml/rest/controller/PushPolicyController.java
index 9c25b3aee..107983562 100644
--- a/ONAP-PAP-REST/src/main/java/org/onap/policy/pap/xacml/rest/controller/PushPolicyController.java
+++ b/ONAP-PAP-REST/src/main/java/org/onap/policy/pap/xacml/rest/controller/PushPolicyController.java
@@ -62,6 +62,9 @@ public class PushPolicyController {
private static String errorMsg = "error";
private static String operation = "operation";
private static String messageContent = "message";
+
+ private static final String REGEX = "[0-9a-zA-Z._ ]*";
+
@Autowired
public PushPolicyController(CommonClassDao commonClassDao){
PushPolicyController.commonClassDao = commonClassDao;
@@ -128,12 +131,12 @@ public class PushPolicyController {
}
if(selectedPDPGroup==null){
String message = "Unknown groupId '" + selectedPDPGroup + "'";
+ if(!message.matches(REGEX) ){
+ message = "Unknown groupId";
+ }
PolicyLogger.error(MessageCodes.ERROR_DATA_ISSUE + " " + message);
response.addHeader(errorMsg, "unknownGroupId");
response.addHeader(operation, "push");
- //for fixing Header Manipulation of Fortify issue
- message = message.replace("\n", "");
- message = message.replace("\r", "");
response.addHeader(messageContent, message);
response.setStatus(HttpServletResponse.SC_NOT_FOUND);
return;