author | vasraz <vasyl.razinkov@est.tech> | 2022-10-14 13:35:39 +0100 |
---|---|---|
committer | Michael Morris <michael.morris@est.tech> | 2022-10-18 08:27:16 +0000 |
commit | ddb9d5a7637b382be9ac7a96ad023a983c41c342 (patch) | |
tree | 4e551d6ce4348aed56f42b021bbe4fcfccc3cd15 /openecomp-be/api | |
parent | ccab3629426bdc6a87ca6102db3fdb23d4419b3e (diff) |
Fix security risk 'Improper Input Validation'
Signed-off-by: Vasyl Razinkov <vasyl.razinkov@est.tech>
Change-Id: I6a52148aec3b567db43ec57109214e52d106f73c
Issue-ID: SDC-4189
Diffstat (limited to 'openecomp-be/api')
3 files changed, 51 insertions, 31 deletions
diff --git a/openecomp-be/api/openecomp-sdc-rest-webapp/notifications-fe/src/main/webapp/WEB-INF/web.xml b/openecomp-be/api/openecomp-sdc-rest-webapp/notifications-fe/src/main/webapp/WEB-INF/web.xml index b51399ca54..f0291cb060 100644 --- a/openecomp-be/api/openecomp-sdc-rest-webapp/notifications-fe/src/main/webapp/WEB-INF/web.xml +++ b/openecomp-be/api/openecomp-sdc-rest-webapp/notifications-fe/src/main/webapp/WEB-INF/web.xml @@ -15,6 +15,15 @@ </listener> <filter> + <filter-name>dataValidatorFilter</filter-name> + <filter-class>org.openecomp.sdc.common.filters.DataValidatorFilter</filter-class> + </filter> + <filter-mapping> + <filter-name>dataValidatorFilter</filter-name> + <url-pattern>/v1.0/*</url-pattern> + </filter-mapping> + + <filter> <filter-name>contentSecurityPolicyHeaderFilter</filter-name> <filter-class>org.openecomp.sdc.common.filters.ContentSecurityPolicyHeaderFilter</filter-class> <async-supported>true</async-supported> @@ -54,6 +63,7 @@ <filter-name>RestrictionAccessFilter</filter-name> <url-pattern>/*</url-pattern> </filter-mapping> + <!-- Spring WS Mapping --> <servlet> <servlet-name>spring-mapper</servlet-name> @@ -62,10 +72,13 @@ </servlet-class> <load-on-startup>1</load-on-startup> </servlet> + <servlet-mapping> + <servlet-name>spring-mapper</servlet-name> + <url-pattern>/ws/*</url-pattern> + </servlet-mapping> <!-- CXF --> <servlet> <servlet-name>CXFServlet</servlet-name> - <display-name>CXF Servlet</display-name> <servlet-class> org.apache.cxf.transport.servlet.CXFServlet </servlet-class> 
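Review bot: The new `dataValidatorFilter` declaration at the top of the filter list has no `<async-supported>` element, while the `contentSecurityPolicyHeaderFilter` directly below it declares `<async-supported>true</async-supported>`. Under the Servlet 3.x rules a request loses async support as soon as one filter in its chain lacks that flag, so any `/v1.0/*` endpoint that calls `startAsync()` would start failing once this filter is in the chain; whether such endpoints exist is not visible in this diff. If async dispatch is used, add `<async-supported>true</async-supported>` to the new `<filter>` element after confirming that `DataValidatorFilter` is safe to run that way. The same declaration is added to the onboarding-rest-war `web.xml` later in this commit and needs the same decision.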
@@ -87,19 +100,14 @@ </init-param> <load-on-startup>1</load-on-startup> </servlet> + <servlet-mapping> + <servlet-name>CXFServlet</servlet-name> + <url-pattern>/*</url-pattern> + </servlet-mapping> <context-param> <param-name>org.eclipse.jetty.servlet.Default.dirAllowed</param-name> <param-value>false</param-value> </context-param> - <servlet-mapping> - <servlet-name>spring-mapper</servlet-name> - <url-pattern>/ws/*</url-pattern> - </servlet-mapping> - <servlet-mapping> - <servlet-name>CXFServlet</servlet-name> - <url-pattern>/*</url-pattern> - </servlet-mapping> - </web-app> diff --git a/openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/webapp/WEB-INF/beans-services.xml b/openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/webapp/WEB-INF/beans-services.xml index 9c2aa51a28..15251436d6 100644 --- a/openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/webapp/WEB-INF/beans-services.xml +++ b/openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/webapp/WEB-INF/beans-services.xml @@ -104,4 +104,4 @@ </jaxrs:outInterceptors> </jaxrs:server> -</beans>
\ No newline at end of file +</beans> diff --git a/openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/webapp/WEB-INF/web.xml b/openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/webapp/WEB-INF/web.xml index eb8bd9e93f..31400f878e 100644 --- a/openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/webapp/WEB-INF/web.xml +++ b/openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/webapp/WEB-INF/web.xml @@ -25,8 +25,18 @@ </listener> <filter> + <filter-name>dataValidatorFilter</filter-name> + <filter-class>org.openecomp.sdc.common.filters.DataValidatorFilter</filter-class> + </filter> + <filter-mapping> + <filter-name>dataValidatorFilter</filter-name> + <url-pattern>/v1.0/*</url-pattern> + </filter-mapping> + + <filter> <filter-name>contentSecurityPolicyHeaderFilter</filter-name> - <filter-class>org.openecomp.sdc.common.filters.ContentSecurityPolicyHeaderFilter</filter-class> + <filter-class>org.openecomp.sdc.common.filters.ContentSecurityPolicyHeaderFilter + </filter-class> <async-supported>true</async-supported> </filter> <filter-mapping> @@ -41,9 +51,6 @@ <filter-mapping> <filter-name>PermissionsFilter</filter-name> <url-pattern>/v1.0/vendor-license-models/*</url-pattern> - </filter-mapping> - <filter-mapping> - <filter-name>PermissionsFilter</filter-name> <url-pattern>/v1.0/vendor-software-products/*</url-pattern> </filter-mapping> @@ -63,6 +70,10 @@ <param-value>*</param-value> </init-param> </filter> + <filter-mapping> + <filter-name>cross-origin</filter-name> + <url-pattern>/*</url-pattern> + </filter-mapping> <filter> <filter-name>RestrictionAccessFilter</filter-name> 
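Review bot: `dataValidatorFilter` is mapped only to `/v1.0/*`, but this descriptor also routes `/1.0/*` (BasicAuth), `/workflow/v1.0/actions/*` (AuthN and AuthZ) and `/ws/*` (spring-mapper), and `CXFServlet` serves `/*`, so requests on those paths never pass through the validator. If that scope is intended, record it next to the mapping with a comment such as `<!-- dataValidatorFilter covers the /v1.0 REST API only; other paths are out of scope because … -->`; otherwise add the missing patterns, for example `<url-pattern>/workflow/v1.0/*</url-pattern>`. What the filter actually checks is not shown here, so the right scope has to be confirmed against `DataValidatorFilter` itself. The notifications-fe mapping added earlier in this commit has the same `/v1.0/*`-only scope while its `CXFServlet` is also mapped to `/*`.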
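Review bot: Folding `/v1.0/vendor-software-products/*` into the existing `PermissionsFilter` mapping relies on several `<url-pattern>` children in one `<filter-mapping>`, which the deployment descriptor schema only allows from Servlet 2.5 on; the `<web-app>` version is outside this hunk. `PermissionsFilter` is presumably the permission check for these routes, so a second pattern that is rejected or ignored would leave the vendor-software-products paths without it. Either keep the two separate `<filter-mapping>` elements, or add a test that a request to a `/v1.0/vendor-software-products/` path without permission is still refused. The merge is also unrelated to the input-validation fix named in the commit title and would be easier to review on its own.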
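Review bot: Moving the `cross-origin` `<filter-mapping>` up to this position changes the order of the filter chain, not only the layout: mappings that match the same URL are applied in descriptor order, and this one now precedes the `RestrictionAccessFilter` mapping for `/*`, whereas the copy removed in the next hunk came after it. Cross-origin handling therefore runs ahead of the access restriction filter on every request, and the context just above shows one of its init-params set to `*`. If the new order is intended, say so in a comment above the mapping, for example `<!-- cross-origin is applied before RestrictionAccessFilter because … -->`. If it is not, leave the mapping where it was, after the `RestrictionAccessFilter` mapping.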
@@ -73,34 +84,34 @@ <filter-name>RestrictionAccessFilter</filter-name> <url-pattern>/*</url-pattern> </filter-mapping> + <filter> <filter-name>BasicAuth</filter-name> <filter-class>org.openecomp.server.filters.BasicAuthenticationFilter</filter-class> </filter> - <filter> - <filter-name>AuthN</filter-name> - <filter-class>org.openecomp.server.filters.ActionAuthenticationFilter</filter-class> - </filter> - <filter> - <filter-name>AuthZ</filter-name> - <filter-class>org.openecomp.server.filters.ActionAuthorizationFilter</filter-class> - </filter> - <filter-mapping> - <filter-name>cross-origin</filter-name> - <url-pattern>/*</url-pattern> - </filter-mapping> <filter-mapping> <filter-name>BasicAuth</filter-name> <url-pattern>/1.0/*</url-pattern> </filter-mapping> + + <filter> + <filter-name>AuthN</filter-name> + <filter-class>org.openecomp.server.filters.ActionAuthenticationFilter</filter-class> + </filter> <filter-mapping> <filter-name>AuthN</filter-name> <url-pattern>/workflow/v1.0/actions/*</url-pattern> </filter-mapping> + + <filter> + <filter-name>AuthZ</filter-name> + <filter-class>org.openecomp.server.filters.ActionAuthorizationFilter</filter-class> + </filter> <filter-mapping> <filter-name>AuthZ</filter-name> <url-pattern>/workflow/v1.0/actions/*</url-pattern> </filter-mapping> + <filter> <filter-name>SessionContextFilter</filter-name> <filter-class>org.openecomp.server.filters.OnboardingSessionContextFilter</filter-class> @@ -109,6 +120,7 @@ <filter-name>SessionContextFilter</filter-name> <url-pattern>/*</url-pattern> </filter-mapping> + <!-- Spring WS Mapping --> <servlet> <servlet-name>spring-mapper</servlet-name> @@ -117,6 +129,10 @@ </servlet-class> <load-on-startup>1</load-on-startup> </servlet> + <servlet-mapping> + <servlet-name>spring-mapper</servlet-name> + <url-pattern>/ws/*</url-pattern> + </servlet-mapping> <!-- CXF --> <servlet> <servlet-name>CXFServlet</servlet-name> 
@@ -142,10 +158,6 @@ <load-on-startup>1</load-on-startup> </servlet> <servlet-mapping> - <servlet-name>spring-mapper</servlet-name> - <url-pattern>/ws/*</url-pattern> - </servlet-mapping> - <servlet-mapping> <servlet-name>CXFServlet</servlet-name> <url-pattern>/*</url-pattern> </servlet-mapping> |