summaryrefslogtreecommitdiffstats
path: root/utils/webseal-simulator/src/main
diff options
context:
space:
mode:
authorvasraz <vasyl.razinkov@est.tech>2022-09-07 18:45:20 +0100
committerMichael Morris <michael.morris@est.tech>2022-09-08 10:09:00 +0000
commit013779aedf93a6f6ff878c457de53e729540c252 (patch)
treee01b5f74e4b452a14ac81ebc410bf2c004a9a757 /utils/webseal-simulator/src/main
parentc37bada019850822df28e2d28f10b64241467fdf (diff)
Fix high-severity bug 'application exposed to path traversal attack'
Signed-off-by: Vasyl Razinkov <vasyl.razinkov@est.tech> Change-Id: I7f4b1e8d083cc39f8e57dcedddecc6af56fdc9c2 Issue-ID: SDC-4169
Diffstat (limited to 'utils/webseal-simulator/src/main')
-rw-r--r--utils/webseal-simulator/src/main/webapp/WEB-INF/web.xml78
1 files changed, 42 insertions, 36 deletions
diff --git a/utils/webseal-simulator/src/main/webapp/WEB-INF/web.xml b/utils/webseal-simulator/src/main/webapp/WEB-INF/web.xml
index 7535e1bdf8..a293d3c883 100644
--- a/utils/webseal-simulator/src/main/webapp/WEB-INF/web.xml
+++ b/utils/webseal-simulator/src/main/webapp/WEB-INF/web.xml
@@ -1,40 +1,46 @@
<?xml version="1.0" encoding="UTF-8"?>
-<web-app xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
- version="3.0">
-
- <display-name>Archetype Created Web Application</display-name>
-
- <servlet>
- <servlet-name>Proxy</servlet-name>
- <servlet-class>org.openecomp.sdc.webseal.simulator.SdcProxy</servlet-class>
- </servlet>
- <servlet-mapping>
- <servlet-name>Proxy</servlet-name>
- <url-pattern>/*</url-pattern>
- </servlet-mapping>
-
- <servlet>
- <servlet-name>Login</servlet-name>
- <servlet-class>org.openecomp.sdc.webseal.simulator.Login</servlet-class>
- </servlet>
- <servlet-mapping>
- <servlet-name>Login</servlet-name>
- <url-pattern>/login</url-pattern>
- </servlet-mapping>
-
- <servlet>
- <servlet-name>CreateUser</servlet-name>
- <servlet-class>org.openecomp.sdc.webseal.simulator.RequestsClient</servlet-class>
- </servlet>
- <servlet-mapping>
- <servlet-name>CreateUser</servlet-name>
- <url-pattern>/create</url-pattern>
- </servlet-mapping>
-
- <welcome-file-list>
- <welcome-file>login</welcome-file>
- </welcome-file-list>
+<web-app xmlns="http://java.sun.com/xml/ns/javaee"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
+ version="3.0">
+
+ <display-name>Archetype Created Web Application</display-name>
+
+ <servlet>
+ <servlet-name>Proxy</servlet-name>
+ <servlet-class>org.openecomp.sdc.webseal.simulator.SdcProxy</servlet-class>
+ </servlet>
+ <servlet-mapping>
+ <servlet-name>Proxy</servlet-name>
+ <url-pattern>/*</url-pattern>
+ </servlet-mapping>
+
+ <context-param>
+ <param-name>org.eclipse.jetty.servlet.Default.dirAllowed</param-name>
+ <param-value>false</param-value>
+ </context-param>
+
+ <servlet>
+ <servlet-name>Login</servlet-name>
+ <servlet-class>org.openecomp.sdc.webseal.simulator.Login</servlet-class>
+ </servlet>
+ <servlet-mapping>
+ <servlet-name>Login</servlet-name>
+ <url-pattern>/login</url-pattern>
+ </servlet-mapping>
+
+ <servlet>
+ <servlet-name>CreateUser</servlet-name>
+ <servlet-class>org.openecomp.sdc.webseal.simulator.RequestsClient</servlet-class>
+ </servlet>
+ <servlet-mapping>
+ <servlet-name>CreateUser</servlet-name>
+ <url-pattern>/create</url-pattern>
+ </servlet-mapping>
+
+ <welcome-file-list>
+ <welcome-file>login</welcome-file>
+ </welcome-file-list>
</web-app>