Repair security filters

Revise app web.xml to remove typo in Java package name. Also drop unneeded test class. Issue: PORTAL-135 Change-Id: I49662928c5eed38520e9a9c5f839385148aef0fa Signed-off-by: Christopher Lott (cl778h) <clott@research.att.com>
author: Christopher Lott (cl778h) <clott@research.att.com> 2017-10-25 09:55:06 -0400
committer: Christopher Lott (cl778h) <clott@research.att.com> 2017-10-25 09:55:52 -0400
commit: e22eec55bf0815dd1c303ac5fb1c6e6f211a70f0 (patch)
tree: de0e35104535e35452a2ef002cec6c3e94c2945e /ecomp-sdk/epsdk-analytics/src/main
parent: e3982f6c2a13c903947a66d89e1af1ccbb161e5f (diff)
3 files changed, 13 insertions, 12 deletions
diff --git a/ecomp-sdk/epsdk-analytics/src/main/java/org/onap/portalsdk/analytics/controller/ActionHandler.java b/ecomp-sdk/epsdk-analytics/src/main/java/org/onap/portalsdk/analytics/controller/ActionHandler.java
index 36c9d526..ba455899 100644
--- a/ecomp-sdk/epsdk-analytics/src/main/java/org/onap/portalsdk/analytics/controller/ActionHandler.java
+++ b/ecomp-sdk/epsdk-analytics/src/main/java/org/onap/portalsdk/analytics/controller/ActionHandler.java
@@ -1949,12 +1949,12 @@ public class ActionHandler extends org.onap.portalsdk.analytics.RaptorObject {
         logger.debug(EELFLoggerDelegate.debugLogger, ("Command Executed "));
         //Connection connection = DbUtils.getConnection();
         Enumeration enum1 = rr.getParamKeys();
-        String value = "", key = "";
+        String value = "";
         String paramStr = "";
         StringBuffer paramBuffer = new StringBuffer();
         if(enum1!=null) {
             for (; enum1.hasMoreElements();) {
-                 key = (String) enum1.nextElement();
+            	String key = (String) enum1.nextElement();
                  value = rr.getParamValue(key);
                  paramBuffer.append(key+":"+value+" ");
             }
diff --git a/ecomp-sdk/epsdk-analytics/src/main/java/org/onap/portalsdk/analytics/model/ReportHandler.java b/ecomp-sdk/epsdk-analytics/src/main/java/org/onap/portalsdk/analytics/model/ReportHandler.java
index b4c6faac..0afd354e 100644
--- a/ecomp-sdk/epsdk-analytics/src/main/java/org/onap/portalsdk/analytics/model/ReportHandler.java
+++ b/ecomp-sdk/epsdk-analytics/src/main/java/org/onap/portalsdk/analytics/model/ReportHandler.java
@@ -167,6 +167,7 @@ import org.onap.portalsdk.analytics.xmlobj.Reports;
 import org.onap.portalsdk.analytics.xmlobj.SemaphoreList;
 import org.onap.portalsdk.analytics.xmlobj.SemaphoreType;
 import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate;
+import org.owasp.esapi.ESAPI;
 
 import com.lowagie.text.Document;
 import com.lowagie.text.Paragraph;
@@ -3712,7 +3713,7 @@ public class ReportHandler extends org.onap.portalsdk.analytics.RaptorObject {
 	                	//strBuf.append("Run-time Parameters\n");
 	                }
 	                	csvOut.print("\"" + value.getId() +":" + "\",");
-	                	valueName = nvl(value.getName());
+	                	valueName = ESAPI.encoder().canonicalize(nvl(value.getName()));
 	                	if(valueName.indexOf("~")!= -1 && valueName.startsWith("(")) {
 	                		csvOut.print("\"'" + valueName.replaceAll("~",",")+ "'\",");
 	                	} else {
diff --git a/ecomp-sdk/epsdk-analytics/src/main/java/org/onap/portalsdk/analytics/model/runtime/ChartD3Helper.java b/ecomp-sdk/epsdk-analytics/src/main/java/org/onap/portalsdk/analytics/model/runtime/ChartD3Helper.java
index 1a8da8d0..f5c641a4 100644
--- a/ecomp-sdk/epsdk-analytics/src/main/java/org/onap/portalsdk/analytics/model/runtime/ChartD3Helper.java
+++ b/ecomp-sdk/epsdk-analytics/src/main/java/org/onap/portalsdk/analytics/model/runtime/ChartD3Helper.java
@@ -61,6 +61,7 @@ import java.util.regex.Pattern;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpSession;
 
+import org.apache.commons.lang.StringUtils;
 import org.apache.commons.lang.time.DateUtils;
 import org.onap.portalsdk.analytics.error.RaptorException;
 import org.onap.portalsdk.analytics.model.ReportHandler;
@@ -1932,29 +1933,28 @@ public class ChartD3Helper {
 					wholeScript.append("<script> \n");
 
 					wholeScript.append("historicalBarChart = [ \n");
-					 double TOTAL = 0;
-					 double VALUE = 0;
+					 double total = 0;
+					 double value = 0;
 					 int flagNull = 0;
-					 String KEY = "";
 					 String COLOR = "";
 					 TreeSet<String> colorList = new TreeSet<String>();
 					 for (int i = 0; i < ds.getRowCount(); i++) {
-						 VALUE = 0;
+						 value = 0;
 						 try {
-						  VALUE = Double.parseDouble(ds.getString(i, 2));
-						  TOTAL = TOTAL+VALUE;
+							 value = Double.parseDouble(ds.getString(i, 2));
+						  total = total+value;
 						 } catch (NumberFormatException ex) {
 							 flagNull = 1;
 						 }
-						 KEY = ds.getString(i, 0);
+						 String key = ds.getString(i, 0);
 						 try {
 							 if(ds.getString(i, "chart_color")!=null) {
-								 colorList.add(KEY+"|"+ds.getString(i,  "chart_color"));					 
+								 colorList.add(key+"|"+ds.getString(i,  "chart_color"));					 
 							 }
 						 } catch (ArrayIndexOutOfBoundsException ex) {
 							 //System.out.println("No Chart Color");
 						 }
-						 wholeScript.append("{ \""+ "key" +"\":\""+ KEY+"\", \""+ "y" +"\":"+VALUE+"}, \n");
+						 wholeScript.append("{ \""+ "key" +"\":\""+ key+"\", \""+ "y" +"\":"+value+"}, \n");
 						 
 					 }
 					 StringBuffer color = new StringBuffer("");
author	Christopher Lott (cl778h) <clott@research.att.com>	2017-10-25 09:55:06 -0400
committer	Christopher Lott (cl778h) <clott@research.att.com>	2017-10-25 09:55:52 -0400
commit	e22eec55bf0815dd1c303ac5fb1c6e6f211a70f0 (patch)
tree	de0e35104535e35452a2ef002cec6c3e94c2945e /ecomp-sdk/epsdk-analytics/src/main
parent	e3982f6c2a13c903947a66d89e1af1ccbb161e5f (diff)