summaryrefslogtreecommitdiffstats
path: root/ecomp-sdk/epsdk-app-os/src/main/webapp
diff options
context:
space:
mode:
authorst782s <statta@research.att.com>2018-01-03 14:30:16 -0500
committerTATTAVARADA <statta@research.att.com>2018-01-03 14:31:40 -0500
commit69062c0ec148ccadaced3ef1d6eff63ba422c055 (patch)
tree153af87b560baa991263ad66797f44e1c475431f /ecomp-sdk/epsdk-app-os/src/main/webapp
parented07ebfbce4031ef4dfbd2f42147f6a7b351aeb8 (diff)
Harden code
Issue-ID: PORTAL-145,PORTAL-119,PORTAL-118 Harden code to address SQL injecton, XSS vulnerabilities; Separate docker images for portal, sdk app and DMaaPBC ui; Missing error page Change-Id: I1818fbf86c601dd41b274729038e731fb2ec8f7d Signed-off-by: st782s <statta@research.att.com>
Diffstat (limited to 'ecomp-sdk/epsdk-app-os/src/main/webapp')
-rw-r--r--ecomp-sdk/epsdk-app-os/src/main/webapp/WEB-INF/conf/system.properties4
-rw-r--r--ecomp-sdk/epsdk-app-os/src/main/webapp/WEB-INF/web.xml23
2 files changed, 16 insertions, 11 deletions
diff --git a/ecomp-sdk/epsdk-app-os/src/main/webapp/WEB-INF/conf/system.properties b/ecomp-sdk/epsdk-app-os/src/main/webapp/WEB-INF/conf/system.properties
index de056a3d..0dc81301 100644
--- a/ecomp-sdk/epsdk-app-os/src/main/webapp/WEB-INF/conf/system.properties
+++ b/ecomp-sdk/epsdk-app-os/src/main/webapp/WEB-INF/conf/system.properties
@@ -69,4 +69,6 @@ instance_uuid=8da691c9-987d-43ed-a358-00ac2f35685d
# app_base_url = https://www.openecomp.org/app_context/
#authenticate user server
-authenticate_user_server=http://todo_enter_auth_server_hostname:8383/openid-connect-server-webapp/allUsers \ No newline at end of file
+authenticate_user_server=http://todo_enter_auth_server_hostname:8383/openid-connect-server-webapp/allUsers
+#cookie domain
+cookie_domain = onap.org \ No newline at end of file
diff --git a/ecomp-sdk/epsdk-app-os/src/main/webapp/WEB-INF/web.xml b/ecomp-sdk/epsdk-app-os/src/main/webapp/WEB-INF/web.xml
index f5039df4..76a372be 100644
--- a/ecomp-sdk/epsdk-app-os/src/main/webapp/WEB-INF/web.xml
+++ b/ecomp-sdk/epsdk-app-os/src/main/webapp/WEB-INF/web.xml
@@ -1,8 +1,7 @@
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee"
- xmlns:web="http://xmlns.jcp.org/xml/ns/javaee/web-app_3_1.xsd"
- version="3.1" xmlns="http://xmlns.jcp.org/xml/ns/javaee">
+ xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee" xmlns:web="http://xmlns.jcp.org/xml/ns/javaee/web-app_3_1.xsd"
+ version="3.1" xmlns="http://xmlns.jcp.org/xml/ns/javaee">
<display-name>ecomp-sdk-app-os</display-name>
@@ -14,12 +13,16 @@
<tracking-mode>COOKIE</tracking-mode>
</session-config>
<filter>
- <filter-name>SecurityXssFilter</filter-name>
- <filter-class>org.onap.portalapp.filter.SecurityXssFilter</filter-class>
- </filter>
- <filter-mapping>
- <filter-name>SecurityXssFilter</filter-name>
- <url-pattern>/*</url-pattern>
- </filter-mapping>
+ <filter-name>SecurityXssFilter</filter-name>
+ <filter-class>org.onap.portalapp.filter.SecurityXssFilter
+ </filter-class>
+ </filter>
+ <filter-mapping>
+ <filter-name>SecurityXssFilter</filter-name>
+ <url-pattern>/*</url-pattern>
+ </filter-mapping>
+ <error-page>
+ <location>/WEB-INF/jsp/error.jsp</location>
+ </error-page>
</web-app> \ No newline at end of file