diff options
| author |   vasraz <vasyl.razinkov@est.tech> | 2022-09-07 18:45:20 +0100 |
|---|---|---|
| committer |   Michael Morris <michael.morris@est.tech> | 2022-09-08 10:09:00 +0000 |
| commit | 013779aedf93a6f6ff878c457de53e729540c252 (patch) | |
| tree | e01b5f74e4b452a14ac81ebc410bf2c004a9a757 /utils/webseal-simulator/src | |
| parent | c37bada019850822df28e2d28f10b64241467fdf (diff) | |
Fix high-severity bug 'application exposed to path traversal attack'
Signed-off-by: Vasyl Razinkov <vasyl.razinkov@est.tech>
Change-Id: I7f4b1e8d083cc39f8e57dcedddecc6af56fdc9c2
Issue-ID: SDC-4169
Diffstat (limited to 'utils/webseal-simulator/src')
| -rw-r--r-- | utils/webseal-simulator/src/main/webapp/WEB-INF/web.xml | 78 |
1 files changed, 42 insertions, 36 deletions
diff --git a/utils/webseal-simulator/src/main/webapp/WEB-INF/web.xml b/utils/webseal-simulator/src/main/webapp/WEB-INF/web.xml index 7535e1bdf8..a293d3c883 100644 --- a/utils/webseal-simulator/src/main/webapp/WEB-INF/web.xml +++ b/utils/webseal-simulator/src/main/webapp/WEB-INF/web.xml @@ -1,40 +1,46 @@ <?xml version="1.0" encoding="UTF-8"?> -<web-app xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" - xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd" - version="3.0"> - - <display-name>Archetype Created Web Application</display-name> - - <servlet> - <servlet-name>Proxy</servlet-name> - <servlet-class>org.openecomp.sdc.webseal.simulator.SdcProxy</servlet-class> - </servlet> - <servlet-mapping> - <servlet-name>Proxy</servlet-name> - <url-pattern>/*</url-pattern> - </servlet-mapping> - - <servlet> - <servlet-name>Login</servlet-name> - <servlet-class>org.openecomp.sdc.webseal.simulator.Login</servlet-class> - </servlet> - <servlet-mapping> - <servlet-name>Login</servlet-name> - <url-pattern>/login</url-pattern> - </servlet-mapping> - - <servlet> - <servlet-name>CreateUser</servlet-name> - <servlet-class>org.openecomp.sdc.webseal.simulator.RequestsClient</servlet-class> - </servlet> - <servlet-mapping> - <servlet-name>CreateUser</servlet-name> - <url-pattern>/create</url-pattern> - </servlet-mapping> - - <welcome-file-list> - <welcome-file>login</welcome-file> - </welcome-file-list> +<web-app xmlns="http://java.sun.com/xml/ns/javaee" + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd" + version="3.0"> + + <display-name>Archetype Created Web Application</display-name> + + <servlet> + <servlet-name>Proxy</servlet-name> + <servlet-class>org.openecomp.sdc.webseal.simulator.SdcProxy</servlet-class> + </servlet> + <servlet-mapping> + <servlet-name>Proxy</servlet-name> + <url-pattern>/*</url-pattern> + </servlet-mapping> + + <context-param> + <param-name>org.eclipse.jetty.servlet.Default.dirAllowed</param-name> + <param-value>false</param-value> + </context-param> + + <servlet> + <servlet-name>Login</servlet-name> + <servlet-class>org.openecomp.sdc.webseal.simulator.Login</servlet-class> + </servlet> + <servlet-mapping> + <servlet-name>Login</servlet-name> + <url-pattern>/login</url-pattern> + </servlet-mapping> + + <servlet> + <servlet-name>CreateUser</servlet-name> + <servlet-class>org.openecomp.sdc.webseal.simulator.RequestsClient</servlet-class> + </servlet> + <servlet-mapping> + <servlet-name>CreateUser</servlet-name> + <url-pattern>/create</url-pattern> + </servlet-mapping> + + <welcome-file-list> + <welcome-file>login</welcome-file> + </welcome-file-list> </web-app> |