-rw-r--r--catalog-fe/src/main/java/org/openecomp/sdc/fe/servlets/PortalServlet.java11
1 files changed, 6 insertions, 5 deletions
diff --git a/catalog-fe/src/main/java/org/openecomp/sdc/fe/servlets/PortalServlet.java b/catalog-fe/src/main/java/org/openecomp/sdc/fe/servlets/PortalServlet.java
index 64b8cb1e69..6378b996cf 100644
--- a/catalog-fe/src/main/java/org/openecomp/sdc/fe/servlets/PortalServlet.java
+++ b/catalog-fe/src/main/java/org/openecomp/sdc/fe/servlets/PortalServlet.java
@@ -37,6 +37,7 @@ import org.onap.sdc.security.AuthenticationCookie;
import org.onap.sdc.security.RepresentationUtils;
import org.openecomp.sdc.common.impl.MutableHttpServletRequest;
import org.openecomp.sdc.common.log.wrappers.Logger;
+import org.openecomp.sdc.common.util.ValidationUtils;
import org.openecomp.sdc.fe.Constants;
import org.openecomp.sdc.fe.config.Configuration;
import org.openecomp.sdc.fe.config.ConfigurationManager;
@@ -242,12 +243,12 @@ public class PortalServlet extends HttpServlet {
* @param request
* @param headers
*/
- private void addCookies(HttpServletResponse response, HttpServletRequest request, String[] headers) {
- for (int i = 0; i < headers.length; i++) {
- String currHeader = headers[i];
- String headerValue = request.getHeader(currHeader);
+ private void addCookies(final HttpServletResponse response, final HttpServletRequest request, final String[] headers) {
+ for (var i = 0; i < headers.length; i++) {
+ final var currHeader = ValidationUtils.sanitizeInputString(headers[i]);
+ final var headerValue = ValidationUtils.sanitizeInputString(request.getHeader(currHeader));
if (headerValue != null) {
- final Cookie cookie = new Cookie(currHeader, headerValue);
+ final var cookie = new Cookie(currHeader, headerValue);
cookie.setSecure(true);
response.addCookie(cookie);
}
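Review bot: On the new `headerValue` line, `request.getHeader(currHeader)` is passed straight into `ValidationUtils.sanitizeInputString(...)`, so an absent header reaches the sanitizer as `null` before the `if (headerValue != null)` guard runs. `ValidationUtils` is not visible here: if it dereferences its argument, every missing header would throw, and if it turns `null` into an empty string, the guard stops filtering and empty cookies get set. Reading the raw value first keeps the old contract, and looking it up by the configured name avoids missing a header whose name the sanitizer alters: `final var rawValue = request.getHeader(headers[i]);` followed by `if (rawValue != null) { final var headerValue = ValidationUtils.sanitizeInputString(rawValue);`. The cookie is marked Secure but not HttpOnly; if no client script needs to read these values, `cookie.setHttpOnly(true);` belongs next to `setSecure(true)`. The loop and the method close outside this hunk.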