diff options
author | vasraz <vasyl.razinkov@est.tech> | 2021-10-12 15:18:52 +0100 |
---|---|---|
committer | Vasyl Razinkov <vasyl.razinkov@est.tech> | 2021-10-12 15:58:40 +0000 |
commit | 2f0479369f1bdb5a76c3856c7fd066cfd2db75e6 (patch) | |
tree | e930133f932c52953f06cfc31a12299cf4e48ed7 /catalog-fe/src/main/java | |
parent | 0db74a648b91d5affb32be5b5b3fa54e150710bb (diff) |
Revert "Fix critical cross site scripting"
This reverts commit 7c8f40bc6df4a5a4d5822e48ecbe5ebe6a0d251a.
Change-Id: I5719e82cffd36a21f265217265acf7eac060124b
Signed-off-by: Vasyl Razinkov <vasyl.razinkov@est.tech>
Issue-ID: SDC-3755
Diffstat (limited to 'catalog-fe/src/main/java')
-rw-r--r-- | catalog-fe/src/main/java/org/openecomp/sdc/fe/servlets/PortalServlet.java | 7 |
1 files changed, 3 insertions, 4 deletions
diff --git a/catalog-fe/src/main/java/org/openecomp/sdc/fe/servlets/PortalServlet.java b/catalog-fe/src/main/java/org/openecomp/sdc/fe/servlets/PortalServlet.java index 97c4ac60fa..6378b996cf 100644 --- a/catalog-fe/src/main/java/org/openecomp/sdc/fe/servlets/PortalServlet.java +++ b/catalog-fe/src/main/java/org/openecomp/sdc/fe/servlets/PortalServlet.java @@ -113,7 +113,7 @@ public class PortalServlet extends HttpServlet { * @throws IOException */ private void addRequestHeadersUsingWebseal(final HttpServletRequest request, final HttpServletResponse response) - throws ServletException, IOException, CipherUtilException { + throws ServletException, IOException { response.setContentType("text/html"); // Create new request object to dispatch MutableHttpServletRequest mutableRequest = new MutableHttpServletRequest(request); @@ -243,13 +243,12 @@ public class PortalServlet extends HttpServlet { * @param request * @param headers */ - private void addCookies(final HttpServletResponse response, final HttpServletRequest request, final String[] headers) - throws CipherUtilException { + private void addCookies(final HttpServletResponse response, final HttpServletRequest request, final String[] headers) { for (var i = 0; i < headers.length; i++) { final var currHeader = ValidationUtils.sanitizeInputString(headers[i]); final var headerValue = ValidationUtils.sanitizeInputString(request.getHeader(currHeader)); if (headerValue != null) { - final var cookie = new Cookie(currHeader, CipherUtil.encryptPKC(headerValue)); + final var cookie = new Cookie(currHeader, headerValue); cookie.setSecure(true); response.addCookie(cookie); } |