From 0c8425b25c093f638351a14f84a7b1df731cd0de Mon Sep 17 00:00:00 2001 From: rb7147 Date: Thu, 1 Feb 2018 16:29:04 -0500 Subject: Resolved Fortify System Information Leak issues Issue-ID: POLICY-550 Change-Id: I2145ecb6de43b69d6faf44c6395b119134a9904f Signed-off-by: rb7147 --- .../src/main/java/org/onap/policy/controller/AdminTabController.java | 3 ++- .../java/org/onap/policy/controller/PolicyNotificationController.java | 3 ++- .../java/org/onap/policy/controller/PolicyValidationController.java | 3 ++- 3 files changed, 6 insertions(+), 3 deletions(-) (limited to 'POLICY-SDK-APP') diff --git a/POLICY-SDK-APP/src/main/java/org/onap/policy/controller/AdminTabController.java b/POLICY-SDK-APP/src/main/java/org/onap/policy/controller/AdminTabController.java index 4893522ef..346b95aff 100644 --- a/POLICY-SDK-APP/src/main/java/org/onap/policy/controller/AdminTabController.java +++ b/POLICY-SDK-APP/src/main/java/org/onap/policy/controller/AdminTabController.java @@ -34,6 +34,7 @@ import org.onap.policy.common.logging.flexlogger.FlexLogger; import org.onap.policy.common.logging.flexlogger.Logger; import org.onap.policy.rest.dao.CommonClassDao; import org.onap.policy.rest.jpa.GlobalRoleSettings; +import org.onap.policy.utils.PolicyUtils; import org.onap.portalsdk.core.controller.RestrictedBaseController; import org.onap.portalsdk.core.web.support.JsonMessage; import org.onap.portalsdk.core.web.support.UserUtils; @@ -118,7 +119,7 @@ public class AdminTabController extends RestrictedBaseController{ response.setCharacterEncoding("UTF-8"); request.setCharacterEncoding("UTF-8"); PrintWriter out = response.getWriter(); - out.write(e.getMessage()); + out.write(PolicyUtils.CATCH_EXCEPTION); } return null; } diff --git a/POLICY-SDK-APP/src/main/java/org/onap/policy/controller/PolicyNotificationController.java b/POLICY-SDK-APP/src/main/java/org/onap/policy/controller/PolicyNotificationController.java index 1a13d1d37..707bbac09 100644 --- a/POLICY-SDK-APP/src/main/java/org/onap/policy/controller/PolicyNotificationController.java +++ b/POLICY-SDK-APP/src/main/java/org/onap/policy/controller/PolicyNotificationController.java @@ -38,6 +38,7 @@ import org.onap.policy.common.logging.flexlogger.FlexLogger; import org.onap.policy.common.logging.flexlogger.Logger; import org.onap.policy.rest.dao.CommonClassDao; import org.onap.policy.rest.jpa.WatchPolicyNotificationTable; +import org.onap.policy.utils.PolicyUtils; import org.onap.portalsdk.core.controller.RestrictedBaseController; import org.onap.portalsdk.core.web.support.UserUtils; import org.springframework.beans.factory.annotation.Autowired; @@ -124,7 +125,7 @@ public class PolicyNotificationController extends RestrictedBaseController { request.setCharacterEncoding("UTF-8"); logger.error("Error druing watchPolicy function " + e); PrintWriter out = response.getWriter(); - out.write(e.getMessage()); + out.write(PolicyUtils.CATCH_EXCEPTION); } return null; } diff --git a/POLICY-SDK-APP/src/main/java/org/onap/policy/controller/PolicyValidationController.java b/POLICY-SDK-APP/src/main/java/org/onap/policy/controller/PolicyValidationController.java index ed32f2904..fca1096ff 100644 --- a/POLICY-SDK-APP/src/main/java/org/onap/policy/controller/PolicyValidationController.java +++ b/POLICY-SDK-APP/src/main/java/org/onap/policy/controller/PolicyValidationController.java @@ -33,6 +33,7 @@ import org.onap.policy.common.logging.flexlogger.Logger; import org.onap.policy.rest.adapter.PolicyRestAdapter; import org.onap.policy.rest.util.PolicyValidation; import org.onap.policy.rest.util.PolicyValidationRequestWrapper; +import org.onap.policy.utils.PolicyUtils; import org.onap.portalsdk.core.controller.RestrictedBaseController; import org.onap.portalsdk.core.web.support.JsonMessage; import org.springframework.stereotype.Controller; @@ -71,7 +72,7 @@ public class PolicyValidationController extends RestrictedBaseController { response.setCharacterEncoding("UTF-8"); request.setCharacterEncoding("UTF-8"); PrintWriter out = response.getWriter(); - out.write(e.getMessage()); + out.write(PolicyUtils.CATCH_EXCEPTION); } return null; } -- cgit 1.2.3-korg