diff options
author | vasraz <vasyl.razinkov@est.tech> | 2022-10-14 13:35:39 +0100 |
---|---|---|
committer | Michael Morris <michael.morris@est.tech> | 2022-10-18 08:27:16 +0000 |
commit | ddb9d5a7637b382be9ac7a96ad023a983c41c342 (patch) | |
tree | 4e551d6ce4348aed56f42b021bbe4fcfccc3cd15 /openecomp-be/api/openecomp-sdc-rest-webapp/notifications-fe/src | |
parent | ccab3629426bdc6a87ca6102db3fdb23d4419b3e (diff) |
Fix security risk 'Improper Input Validation'
Signed-off-by: Vasyl Razinkov <vasyl.razinkov@est.tech>
Change-Id: I6a52148aec3b567db43ec57109214e52d106f73c
Issue-ID: SDC-4189
Diffstat (limited to 'openecomp-be/api/openecomp-sdc-rest-webapp/notifications-fe/src')
-rw-r--r-- | openecomp-be/api/openecomp-sdc-rest-webapp/notifications-fe/src/main/webapp/WEB-INF/web.xml | 28 |
1 files changed, 18 insertions, 10 deletions
diff --git a/openecomp-be/api/openecomp-sdc-rest-webapp/notifications-fe/src/main/webapp/WEB-INF/web.xml b/openecomp-be/api/openecomp-sdc-rest-webapp/notifications-fe/src/main/webapp/WEB-INF/web.xml index b51399ca54..f0291cb060 100644 --- a/openecomp-be/api/openecomp-sdc-rest-webapp/notifications-fe/src/main/webapp/WEB-INF/web.xml +++ b/openecomp-be/api/openecomp-sdc-rest-webapp/notifications-fe/src/main/webapp/WEB-INF/web.xml @@ -15,6 +15,15 @@ </listener> <filter> + <filter-name>dataValidatorFilter</filter-name> + <filter-class>org.openecomp.sdc.common.filters.DataValidatorFilter</filter-class> + </filter> + <filter-mapping> + <filter-name>dataValidatorFilter</filter-name> + <url-pattern>/v1.0/*</url-pattern> + </filter-mapping> + + <filter> <filter-name>contentSecurityPolicyHeaderFilter</filter-name> <filter-class>org.openecomp.sdc.common.filters.ContentSecurityPolicyHeaderFilter</filter-class> <async-supported>true</async-supported> @@ -54,6 +63,7 @@ <filter-name>RestrictionAccessFilter</filter-name> <url-pattern>/*</url-pattern> </filter-mapping> + <!-- Spring WS Mapping --> <servlet> <servlet-name>spring-mapper</servlet-name> @@ -62,10 +72,13 @@ </servlet-class> <load-on-startup>1</load-on-startup> </servlet> + <servlet-mapping> + <servlet-name>spring-mapper</servlet-name> + <url-pattern>/ws/*</url-pattern> + </servlet-mapping> <!-- CXF --> <servlet> <servlet-name>CXFServlet</servlet-name> - <display-name>CXF Servlet</display-name> <servlet-class> org.apache.cxf.transport.servlet.CXFServlet </servlet-class> @@ -87,19 +100,14 @@ </init-param> <load-on-startup>1</load-on-startup> </servlet> + <servlet-mapping> + <servlet-name>CXFServlet</servlet-name> + <url-pattern>/*</url-pattern> + </servlet-mapping> <context-param> <param-name>org.eclipse.jetty.servlet.Default.dirAllowed</param-name> <param-value>false</param-value> </context-param> - <servlet-mapping> - <servlet-name>spring-mapper</servlet-name> - <url-pattern>/ws/*</url-pattern> - </servlet-mapping> - <servlet-mapping> - <servlet-name>CXFServlet</servlet-name> - <url-pattern>/*</url-pattern> - </servlet-mapping> - </web-app> |