From ddb9d5a7637b382be9ac7a96ad023a983c41c342 Mon Sep 17 00:00:00 2001
From: vasraz <vasyl.razinkov@est.tech>
Date: Fri, 14 Oct 2022 13:35:39 +0100
Subject: Fix security risk 'Improper Input Validation'

Signed-off-by: Vasyl Razinkov <vasyl.razinkov@est.tech>
Change-Id: I6a52148aec3b567db43ec57109214e52d106f73c
Issue-ID: SDC-4189
---
 .../src/main/webapp/WEB-INF/web.xml                | 52 +++++++++++++---------
 1 file changed, 32 insertions(+), 20 deletions(-)

(limited to 'openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/webapp/WEB-INF/web.xml')

diff --git a/openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/webapp/WEB-INF/web.xml b/openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/webapp/WEB-INF/web.xml
index eb8bd9e93f..31400f878e 100644
--- a/openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/webapp/WEB-INF/web.xml
+++ b/openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/webapp/WEB-INF/web.xml
@@ -24,9 +24,19 @@
         <listener-class>org.openecomp.server.listeners.OnboardingAppStartupListener</listener-class>
     </listener>
 
+    <filter>
+        <filter-name>dataValidatorFilter</filter-name>
+        <filter-class>org.openecomp.sdc.common.filters.DataValidatorFilter</filter-class>
+    </filter>
+    <filter-mapping>
+        <filter-name>dataValidatorFilter</filter-name>
+        <url-pattern>/v1.0/*</url-pattern>
+    </filter-mapping>
+
     <filter>
         <filter-name>contentSecurityPolicyHeaderFilter</filter-name>
-        <filter-class>org.openecomp.sdc.common.filters.ContentSecurityPolicyHeaderFilter</filter-class>
+        <filter-class>org.openecomp.sdc.common.filters.ContentSecurityPolicyHeaderFilter
+        </filter-class>
         <async-supported>true</async-supported>
     </filter>
     <filter-mapping>
@@ -41,9 +51,6 @@
     <filter-mapping>
         <filter-name>PermissionsFilter</filter-name>
         <url-pattern>/v1.0/vendor-license-models/*</url-pattern>
-    </filter-mapping>
-    <filter-mapping>
-        <filter-name>PermissionsFilter</filter-name>
         <url-pattern>/v1.0/vendor-software-products/*</url-pattern>
     </filter-mapping>
 
@@ -63,6 +70,10 @@
             <param-value>*</param-value>
         </init-param>
     </filter>
+    <filter-mapping>
+        <filter-name>cross-origin</filter-name>
+        <url-pattern>/*</url-pattern>
+    </filter-mapping>
 
     <filter>
         <filter-name>RestrictionAccessFilter</filter-name>
@@ -73,34 +84,34 @@
         <filter-name>RestrictionAccessFilter</filter-name>
         <url-pattern>/*</url-pattern>
     </filter-mapping>
+
     <filter>
         <filter-name>BasicAuth</filter-name>
         <filter-class>org.openecomp.server.filters.BasicAuthenticationFilter</filter-class>
     </filter>
-    <filter>
-        <filter-name>AuthN</filter-name>
-        <filter-class>org.openecomp.server.filters.ActionAuthenticationFilter</filter-class>
-    </filter>
-    <filter>
-        <filter-name>AuthZ</filter-name>
-        <filter-class>org.openecomp.server.filters.ActionAuthorizationFilter</filter-class>
-    </filter>
-    <filter-mapping>
-        <filter-name>cross-origin</filter-name>
-        <url-pattern>/*</url-pattern>
-    </filter-mapping>
     <filter-mapping>
         <filter-name>BasicAuth</filter-name>
         <url-pattern>/1.0/*</url-pattern>
     </filter-mapping>
+
+    <filter>
+        <filter-name>AuthN</filter-name>
+        <filter-class>org.openecomp.server.filters.ActionAuthenticationFilter</filter-class>
+    </filter>
     <filter-mapping>
         <filter-name>AuthN</filter-name>
         <url-pattern>/workflow/v1.0/actions/*</url-pattern>
     </filter-mapping>
+
+    <filter>
+        <filter-name>AuthZ</filter-name>
+        <filter-class>org.openecomp.server.filters.ActionAuthorizationFilter</filter-class>
+    </filter>
     <filter-mapping>
         <filter-name>AuthZ</filter-name>
         <url-pattern>/workflow/v1.0/actions/*</url-pattern>
     </filter-mapping>
+
     <filter>
         <filter-name>SessionContextFilter</filter-name>
         <filter-class>org.openecomp.server.filters.OnboardingSessionContextFilter</filter-class>
@@ -109,6 +120,7 @@
         <filter-name>SessionContextFilter</filter-name>
         <url-pattern>/*</url-pattern>
     </filter-mapping>
+
     <!-- Spring WS Mapping -->
     <servlet>
         <servlet-name>spring-mapper</servlet-name>
@@ -117,6 +129,10 @@
         </servlet-class>
         <load-on-startup>1</load-on-startup>
     </servlet>
+    <servlet-mapping>
+        <servlet-name>spring-mapper</servlet-name>
+        <url-pattern>/ws/*</url-pattern>
+    </servlet-mapping>
     <!-- CXF -->
     <servlet>
         <servlet-name>CXFServlet</servlet-name>
@@ -141,10 +157,6 @@
         </init-param>
         <load-on-startup>1</load-on-startup>
     </servlet>
-    <servlet-mapping>
-        <servlet-name>spring-mapper</servlet-name>
-        <url-pattern>/ws/*</url-pattern>
-    </servlet-mapping>
     <servlet-mapping>
         <servlet-name>CXFServlet</servlet-name>
         <url-pattern>/*</url-pattern>
-- 
cgit 1.2.3-korg