From ddb9d5a7637b382be9ac7a96ad023a983c41c342 Mon Sep 17 00:00:00 2001
From: vasraz <vasyl.razinkov@est.tech>
Date: Fri, 14 Oct 2022 13:35:39 +0100
Subject: Fix security risk 'Improper Input Validation'

Signed-off-by: Vasyl Razinkov <vasyl.razinkov@est.tech>
Change-Id: I6a52148aec3b567db43ec57109214e52d106f73c
Issue-ID: SDC-4189
---
 .../sdc-catalog-be/templates/default/BE-configuration.yaml.erb         | 3 +++
 1 file changed, 3 insertions(+)

(limited to 'catalog-be/src/main/docker/backend/chef-repo/cookbooks/sdc-catalog-be/templates')

diff --git a/catalog-be/src/main/docker/backend/chef-repo/cookbooks/sdc-catalog-be/templates/default/BE-configuration.yaml.erb b/catalog-be/src/main/docker/backend/chef-repo/cookbooks/sdc-catalog-be/templates/default/BE-configuration.yaml.erb
index 5706a16553..9a2437c2c1 100644
--- a/catalog-be/src/main/docker/backend/chef-repo/cookbooks/sdc-catalog-be/templates/default/BE-configuration.yaml.erb
+++ b/catalog-be/src/main/docker/backend/chef-repo/cookbooks/sdc-catalog-be/templates/default/BE-configuration.yaml.erb
@@ -1293,5 +1293,8 @@ externalCsarStore:
 #This configuration specifies the delimiter used to differentiate instance name and count
 componentInstanceCounterDelimiter: " "
 
+# Comma separated list of excluded URLs by the DataValidatorFilter
+dataValidatorFilterExcludedUrls: "/healthCheck,/followed,/authorize"
+
 #Space separated list of permitted ancestors
 permittedAncestors: <%= @permittedAncestors %>
-- 
cgit 1.2.3-korg