aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJvD_Ericsson <jeff.van.dam@est.tech>2023-10-10 13:35:20 +0100
committerJEFF VAN DAM <jeff.van.dam@est.tech>2023-10-12 12:17:35 +0000
commitb2bfa0ea4eda5867d9fec8edc1e8ca11e648f194 (patch)
tree757bec5d5e6e9a03133230c2827553e01c93556e
parentd1864800b7b4f320d469e053921035bf98da7d72 (diff)
Upgrade vunerable depenecncies
can't upgrade springframework to 6.0.12 since 6.0.12 requires java 17 Issue-ID: SDC-4653 Signed-off-by: JvD_Ericsson <jeff.van.dam@est.tech> Change-Id: I041fb124472b6385d50877d25cb989303f3dbb08
-rw-r--r--.readthedocs.yaml5
-rw-r--r--pom.xml2
-rw-r--r--sdc-workflow-designer-be/pom.xml4
-rw-r--r--sdc-workflow-designer-ui/src/main/java/org/onap/workflow/web/SSLProxyServlet.java32
4 files changed, 23 insertions, 20 deletions
diff --git a/.readthedocs.yaml b/.readthedocs.yaml
index 3797dc8b..e442ca78 100644
--- a/.readthedocs.yaml
+++ b/.readthedocs.yaml
@@ -9,10 +9,11 @@ formats:
- htmlzip
build:
- image: latest
+ os: ubuntu-20.04
+ tools:
+ python: "3.8"
python:
- version: 3.7
install:
- requirements: docs/requirements-docs.txt
diff --git a/pom.xml b/pom.xml
index 9ab8d958..4f542669 100644
--- a/pom.xml
+++ b/pom.xml
@@ -53,7 +53,7 @@
<build-helper-maven-plugin.version>3.3.0</build-helper-maven-plugin.version>
<docker.api.version>1.41</docker.api.version>
<checkstyle.skip>true</checkstyle.skip>
- <jetty.version>9.4.49.v20220914</jetty.version>
+ <jetty.version>10.0.16</jetty.version>
</properties>
<parent>
diff --git a/sdc-workflow-designer-be/pom.xml b/sdc-workflow-designer-be/pom.xml
index 7e2d39c0..e3b29938 100644
--- a/sdc-workflow-designer-be/pom.xml
+++ b/sdc-workflow-designer-be/pom.xml
@@ -15,7 +15,7 @@
<properties>
<spring.boot.version>2.2.13.RELEASE</spring.boot.version>
- <org.springframework.version>5.2.23.RELEASE</org.springframework.version>
+ <org.springframework.version>5.3.30</org.springframework.version>
<mapstruct.version>1.5.3.Final</mapstruct.version>
<lombok.version>1.18.26</lombok.version>
<springfox.version>3.0.0</springfox.version>
@@ -51,7 +51,7 @@
<dependency>
<groupId>org.codehaus.janino</groupId>
<artifactId>janino</artifactId>
- <version>3.0.16</version>
+ <version>3.1.10</version>
<scope>runtime</scope>
</dependency>
<dependency>
diff --git a/sdc-workflow-designer-ui/src/main/java/org/onap/workflow/web/SSLProxyServlet.java b/sdc-workflow-designer-ui/src/main/java/org/onap/workflow/web/SSLProxyServlet.java
index 775706d2..91d456d1 100644
--- a/sdc-workflow-designer-ui/src/main/java/org/onap/workflow/web/SSLProxyServlet.java
+++ b/sdc-workflow-designer-ui/src/main/java/org/onap/workflow/web/SSLProxyServlet.java
@@ -22,21 +22,23 @@
package org.onap.workflow.web;
+import java.net.MalformedURLException;
+import java.net.URL;
+import java.util.Enumeration;
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
import org.eclipse.jetty.client.HttpClient;
import org.eclipse.jetty.client.api.Request;
+import org.eclipse.jetty.client.dynamic.HttpClientTransportDynamic;
+import org.eclipse.jetty.http.HttpFields;
import org.eclipse.jetty.http.HttpHeader;
import org.eclipse.jetty.http.HttpScheme;
+import org.eclipse.jetty.io.ClientConnector;
import org.eclipse.jetty.proxy.ProxyServlet;
import org.eclipse.jetty.util.URIUtil;
import org.eclipse.jetty.util.ssl.SslContextFactory;
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import java.net.MalformedURLException;
-import java.net.URL;
-import java.util.Enumeration;
-
/***
* Class that provides the proxy implementation for both secured and unsecured backend connections.
@@ -85,8 +87,9 @@ public class SSLProxyServlet extends ProxyServlet {
private void initProxyUrl() throws ServletException, MalformedURLException {
- if (SSLProxyServlet.proxyUrl != null)
+ if (SSLProxyServlet.proxyUrl != null) {
return;
+ }
String proxyUrlStr = System.getProperty(PROXY_TO);
if (proxyUrlStr == null) {
throw new ServletException("-D" + PROXY_TO + " must be specified");
@@ -113,12 +116,12 @@ public class SSLProxyServlet extends ProxyServlet {
Enumeration<String> headerNames = request.getHeaderNames();
while (headerNames.hasMoreElements()) {
String headerName = headerNames.nextElement();
- if (!proxyRequest.getHeaders().containsKey(headerName)) {
+ if (!proxyRequest.getHeaders().contains(headerName)) {
String headerVal = request.getHeader(headerName);
proxyRequest.header(headerName, headerVal);
}
}
- proxyRequest.getHeaders().remove(HttpHeader.HOST);
+ ((HttpFields.Mutable) proxyRequest.getHeaders()).remove(HttpHeader.HOST);
super.sendProxyRequest(request, response, proxyRequest);
}
@@ -131,7 +134,7 @@ public class SSLProxyServlet extends ProxyServlet {
proxyUrl.getProtocol().equalsIgnoreCase(HttpScheme.HTTPS.toString()));
if ((isSecureClient)) {
String trustAll = System.getProperty(TRUST_ALL);
- SslContextFactory sslContextFactory = null;
+ SslContextFactory.Client sslContextFactory = null;
if (trustAll != null && Boolean.parseBoolean(trustAll) == Boolean.TRUE) {
sslContextFactory = new SslContextFactory.Client(true);
} else {
@@ -157,8 +160,9 @@ public class SSLProxyServlet extends ProxyServlet {
sslContextFactory.setIncludeCipherSuites(System.getProperty(KEYSTORE_CYPHER));
}
}
-
- return new HttpClient(sslContextFactory);
+ ClientConnector clientConnector = new ClientConnector();
+ clientConnector.setSslContextFactory(sslContextFactory);
+ return new HttpClient(new HttpClientTransportDynamic(clientConnector));
} else {
return super.newHttpClient();
@@ -178,7 +182,6 @@ public class SSLProxyServlet extends ProxyServlet {
HttpClient client = super.createHttpClient();
setTimeout(TIMEOUT);
client.setIdleTimeout(TIMEOUT);
- client.setStopTimeout(TIMEOUT);
if (System.getProperty(MAX_POOL_CONNECTIONS) != null) {
client.setMaxConnectionsPerDestination(
Integer.valueOf(System.getProperty(MAX_POOL_CONNECTIONS)));
@@ -188,7 +191,6 @@ public class SSLProxyServlet extends ProxyServlet {
}
-
@Override
protected String rewriteTarget(HttpServletRequest request) {