From 987fc74925dc4051f08913393924d2b826d7e59c Mon Sep 17 00:00:00 2001 From: vasraz Date: Mon, 29 Nov 2021 17:42:02 +0000 Subject: Fix vulnerable dependency Signed-off-by: Vasyl Razinkov Issue-ID: SDC-3795 Change-Id: Ib6f7902b2f8380ad9febcc2fad0374e8070af15c --- common-app-api/pom.xml | 8 +++++++- .../main/java/org/openecomp/sdc/common/util/ValidationUtils.java | 5 +++-- 2 files changed, 10 insertions(+), 3 deletions(-) (limited to 'common-app-api') diff --git a/common-app-api/pom.xml b/common-app-api/pom.xml index 8dbed601e5..e1640e5745 100644 --- a/common-app-api/pom.xml +++ b/common-app-api/pom.xml @@ -126,6 +126,12 @@ httpclient ${httpclient.version} provided + + + org.apache.httpcomponents + httpcore + + @@ -277,7 +283,7 @@ org.jsoup jsoup - 1.8.3 + 1.14.3 diff --git a/common-app-api/src/main/java/org/openecomp/sdc/common/util/ValidationUtils.java b/common-app-api/src/main/java/org/openecomp/sdc/common/util/ValidationUtils.java index 82e1b924b6..a0403de8ff 100644 --- a/common-app-api/src/main/java/org/openecomp/sdc/common/util/ValidationUtils.java +++ b/common-app-api/src/main/java/org/openecomp/sdc/common/util/ValidationUtils.java @@ -33,7 +33,7 @@ import org.apache.commons.text.StringEscapeUtils; import org.apache.commons.text.WordUtils; import org.apache.commons.validator.routines.UrlValidator; import org.jsoup.Jsoup; -import org.jsoup.safety.Whitelist; +import org.jsoup.safety.Safelist; public class ValidationUtils { @@ -117,6 +117,7 @@ public class ValidationUtils { public static final Integer POLICY_MAX_LENGTH = 1024; public static final Pattern POLICY_NAME_PATTERN = Pattern.compile("^[\\w][\\w \\.\\-\\_\\:\\+]{0," + (POLICY_MAX_LENGTH - 1) + "}$"); private static final Set CATEGORY_CONJUNCTIONS = new HashSet<>(Arrays.asList("of", "to", "for", "as", "a", "an", "the")); + private ValidationUtils() { } 
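Review bot: The exclusion of org.apache.httpcomponents:httpcore added under the httpclient dependency in common-app-api/pom.xml has no explanation next to it, and the commit message only says "Fix vulnerable dependency" without naming the affected artifact or advisory. A one-line comment above the exclusion, such as `<!-- httpcore excluded: REASON (SDC-3795) -->` with the actual reason filled in, would keep a later dependency cleanup from removing it by accident. The page has lost the XML markup, but httpclient appears to be declared with scope `provided`, so the exclusion would only change this module's compile and test classpath. It is worth confirming that the runtime supplying httpclient does not still bring in the httpcore version this commit is avoiding. Any code in the module that uses httpcore classes should also resolve them from an explicitly managed httpcore version.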
@@ -262,7 +263,7 @@ public class ValidationUtils {
 }
 public static String removeHtmlTags(String str) {
- return Jsoup.clean(str, Whitelist.none());
+ return Jsoup.clean(str, Safelist.none());
 }
 public static String removeAllTags(String htmlText) {
--
cgit 1.2.3-korg
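Review bot: Nothing in this commit pins the output of removeHtmlTags across the jsoup upgrade from 1.8.3 to 1.14.3; the diffstat lists only pom.xml and ValidationUtils.java, so no test was added or changed. Since this helper is used to sanitise input, I would add a unit test that calls it with a string containing tags, a string containing a literal `&` or `<`, and an empty string, and asserts the exact result. That way a difference in how the newer jsoup escapes or normalises text shows up at build time rather than in stored data. The method also deserves a short Javadoc, for example `/** Strips every HTML element using Safelist.none(); the result is jsoup-serialised text, so characters such as & are returned entity-escaped. */`, because callers that treat the result as plain text can otherwise double-encode it. Behaviour for a null `str` is not visible in this hunk and should be stated in that Javadoc once confirmed.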