Fix critical cross site scripting
Change-Id: I66a220f71a2e950055107a725191b46bcbe8c6a6
Signed-off-by: Vasyl Razinkov <vasyl.razinkov@est.tech>
Issue-ID: SDC-3607
Issue-ID: SDC-3755
diff --git a/utils/webseal-simulator/pom.xml b/utils/webseal-simulator/pom.xml
index 02f2bdc..e9801c9 100644
--- a/utils/webseal-simulator/pom.xml
+++ b/utils/webseal-simulator/pom.xml
@@ -1,273 +1,282 @@
<project xmlns="http://maven.apache.org/POM/4.0.0"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
- <modelVersion>4.0.0</modelVersion>
- <artifactId>webseal-simulator</artifactId>
- <packaging>war</packaging>
+ <modelVersion>4.0.0</modelVersion>
+ <artifactId>webseal-simulator</artifactId>
+ <packaging>war</packaging>
- <parent>
- <groupId>org.openecomp.sdc</groupId>
- <artifactId>sdc-main</artifactId>
- <version>1.10.0-SNAPSHOT</version>
- <relativePath>../../</relativePath>
- </parent>
+ <parent>
+ <groupId>org.openecomp.sdc</groupId>
+ <artifactId>sdc-main</artifactId>
+ <version>1.10.0-SNAPSHOT</version>
+ <relativePath>../../</relativePath>
+ </parent>
- <properties>
- <maven.build.timestamp.format>yyyyMMdd'T'HHmmss'Z'</maven.build.timestamp.format>
- <nexus.proxy>https://nexus.onap.org</nexus.proxy>
- <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
- <sonar.skip>true</sonar.skip>
- </properties>
+ <properties>
+ <maven.build.timestamp.format>yyyyMMdd'T'HHmmss'Z'</maven.build.timestamp.format>
+ <nexus.proxy>https://nexus.onap.org</nexus.proxy>
+ <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
+ <sonar.skip>true</sonar.skip>
+ </properties>
- <dependencies>
- <dependency>
- <groupId>javax.servlet</groupId>
- <artifactId>servlet-api</artifactId>
- <version>2.5</version>
- <scope>compile</scope>
- </dependency>
+ <dependencies>
+ <dependency>
+ <groupId>javax.servlet</groupId>
+ <artifactId>javax.servlet-api</artifactId>
+ <version>${javax.servlet.version}</version>
+ </dependency>
- <dependency>
- <groupId>org.apache.httpcomponents</groupId>
- <artifactId>httpclient</artifactId>
- <version>${httpclient.version}</version>
- </dependency>
+ <dependency>
+ <groupId>org.apache.httpcomponents</groupId>
+ <artifactId>httpclient</artifactId>
+ <version>${httpclient.version}</version>
+ </dependency>
- <dependency>
- <groupId>commons-logging</groupId>
- <artifactId>commons-logging-api</artifactId>
- <version>1.0.4</version>
- </dependency>
+ <dependency>
+ <groupId>commons-logging</groupId>
+ <artifactId>commons-logging-api</artifactId>
+ <version>1.0.4</version>
+ </dependency>
- <dependency>
- <groupId>commons-io</groupId>
- <artifactId>commons-io</artifactId>
- <version>${commons.io.version}</version>
- </dependency>
+ <dependency>
+ <groupId>commons-io</groupId>
+ <artifactId>commons-io</artifactId>
+ <version>${commons.io.version}</version>
+ </dependency>
- <dependency>
- <groupId>commons-codec</groupId>
- <artifactId>commons-codec</artifactId>
- <version>${commons-codec}</version>
- <scope>compile</scope>
- </dependency>
+ <dependency>
+ <groupId>commons-codec</groupId>
+ <artifactId>commons-codec</artifactId>
+ <version>${commons-codec}</version>
+ <scope>compile</scope>
+ </dependency>
- <dependency>
- <groupId>org.eclipse.jetty</groupId>
- <artifactId>jetty-proxy</artifactId>
- <version>${jetty.version}</version>
- <scope>compile</scope>
- <exclusions>
- <exclusion>
- <groupId>org.eclipse.jetty</groupId>
- <artifactId>jetty-http</artifactId>
- </exclusion>
- </exclusions>
- </dependency>
+ <dependency>
+ <groupId>org.eclipse.jetty</groupId>
+ <artifactId>jetty-proxy</artifactId>
+ <version>${jetty.version}</version>
+ <scope>compile</scope>
+ <exclusions>
+ <exclusion>
+ <groupId>org.eclipse.jetty</groupId>
+ <artifactId>jetty-http</artifactId>
+ </exclusion>
+ </exclusions>
+ </dependency>
- <dependency>
- <groupId>org.eclipse.jetty</groupId>
- <artifactId>jetty-servlets</artifactId>
- <version>${jetty.version}</version>
- <scope>compile</scope>
- <exclusions>
- <exclusion>
- <groupId>org.eclipse.jetty</groupId>
- <artifactId>jetty-http</artifactId>
- </exclusion>
- </exclusions>
- </dependency>
+ <dependency>
+ <groupId>org.eclipse.jetty</groupId>
+ <artifactId>jetty-servlets</artifactId>
+ <version>${jetty.version}</version>
+ <scope>compile</scope>
+ <exclusions>
+ <exclusion>
+ <groupId>org.eclipse.jetty</groupId>
+ <artifactId>jetty-http</artifactId>
+ </exclusion>
+ </exclusions>
+ </dependency>
- <!-- Proxy servlet -->
- <dependency>
- <groupId>com.typesafe</groupId>
- <artifactId>config</artifactId>
- <version>1.0.2</version>
- <scope>compile</scope>
- </dependency>
- <dependency>
- <groupId>org.openecomp.sdc</groupId>
- <artifactId>openecomp-sdc-logging-api</artifactId>
- <version>${project.version}</version>
- </dependency>
+ <!-- Proxy servlet -->
+ <dependency>
+ <groupId>com.typesafe</groupId>
+ <artifactId>config</artifactId>
+ <version>1.0.2</version>
+ <scope>compile</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.openecomp.sdc</groupId>
+ <artifactId>openecomp-sdc-logging-api</artifactId>
+ <version>${project.version}</version>
+ <exclusions>
+ <exclusion>
+ <groupId>org.powermock</groupId>
+ <artifactId>powermock-module-junit4</artifactId>
+ </exclusion>
+ </exclusions>
+ </dependency>
+ </dependencies>
- </dependencies>
- <build>
- <finalName>WSSimulator-${project.version}</finalName>
- <plugins>
- <plugin>
- <groupId>com.github.sylvainlaurent.maven</groupId>
- <artifactId>yaml-json-validator-maven-plugin</artifactId>
- <executions>
- <execution>
- <id>validate</id>
- <phase>validate</phase>
- <goals>
- <goal>validate</goal>
- </goals>
- <configuration>
- <validationSets>
- <validationSet>
- <includes>
- <include>src/main/resources/**/*.y*ml</include>
- <include>src/test/resources/**/*.y*ml</include>
- </includes>
- </validationSet>
- <validationSet>
- <includes>
- <include>src/main/resources/**/*.json</include>
- <include>src/test/resources/**/*.json</include>
- </includes>
- </validationSet>
- </validationSets>
- <skip>${skipYamlJsonValidator}</skip>
- </configuration>
- </execution>
- </executions>
- </plugin>
- </plugins>
- </build>
-
- <repositories>
- <!-- LF repositories -->
- <repository>
- <id>ecomp-releases</id>
- <name>Release Repository</name>
- <url>${nexus.proxy}/content/repositories/releases/</url>
- </repository>
- <repository>
- <id>ecomp-snapshots</id>
- <name>Snapshots Repository</name>
- <url>${nexus.proxy}/content/repositories/snapshots/</url>
- </repository>
- <repository>
- <id>ecomp-public</id>
- <name>Public Repository</name>
- <url>${nexus.proxy}/content/repositories/public/</url>
- </repository>
- <!-- LF repositories END-->
- </repositories>
-
- <profiles>
- <profile>
- <id>docker</id>
- <activation>
- <activeByDefault>false</activeByDefault>
- </activation>
- <build>
+ <build>
+ <finalName>WSSimulator-${project.version}</finalName>
<plugins>
-
- <plugin>
- <artifactId>maven-clean-plugin</artifactId>
- <version>3.0.0</version>
- <executions>
- <execution>
- <id>clean-static-files</id>
- <phase>clean</phase>
- <goals>
- <goal>clean</goal>
- </goals>
- <configuration>
- <filesets>
- <fileset>
- <directory>${project.basedir}/sdc-simulator</directory>
- <includes>
- <include>*.war</include>
- </includes>
- <followSymlinks>false</followSymlinks>
- </fileset>
- </filesets>
- </configuration>
- </execution>
- </executions>
- </plugin>
-
- <plugin>
- <artifactId>maven-resources-plugin</artifactId>
- <executions>
- <execution>
- <id>copy-resources-simulator</id>
- <phase>verify</phase>
- <goals>
- <goal>copy-resources</goal>
- </goals>
- <configuration>
- <outputDirectory>${project.basedir}/sdc-simulator</outputDirectory>
- <resources>
- <resource>
- <directory>${project.basedir}/target</directory>
- <includes>
- <include>WSSimulator*.war</include>
- </includes>
- </resource>
- </resources>
- </configuration>
- </execution>
- </executions>
- </plugin>
-
-
- <plugin>
- <groupId>io.fabric8</groupId>
- <artifactId>docker-maven-plugin</artifactId>
- <configuration>
- <verbose>${verbose}</verbose>
- <apiVersion>${docker.api.version}</apiVersion>
- <registry>nexus3.onap.org:10001</registry>
- <authConfig>
- <pull>
- <username>docker</username>
- <password>docker</password>
- </pull>
- </authConfig>
- <images>
- <!-- Build simulator image -->
- <image>
- <name>onap/sdc-simulator</name>
- <alias>sdc-simulator</alias>
- <build>
- <cleanup>try</cleanup>
- <dockerFileDir>${basedir}${file.separator}sdc-simulator</dockerFileDir>
- <tags>
- <tag>latest</tag>
- <tag>
- ${parsedVersion.majorVersion}.${parsedVersion.minorVersion}-STAGING-latest
- </tag>
- <tag>${parsedVersion.majorVersion}.${parsedVersion.minorVersion}-${maven.build.timestamp}</tag>
- </tags>
- </build>
- </image>
- </images>
- </configuration>
- <executions>
- <execution>
- <id>clean-images</id>
- <phase>pre-clean</phase>
- <goals>
- <goal>remove</goal>
- </goals>
- </execution>
- <execution>
- <id>generate-images</id>
- <phase>install</phase>
- <goals>
- <goal>build</goal>
- </goals>
- </execution>
- <execution>
- <id>push-images</id>
- <phase>deploy</phase>
- <goals>
- <goal>push</goal>
- </goals>
- </execution>
- </executions>
- </plugin>
+ <plugin>
+ <groupId>com.github.sylvainlaurent.maven</groupId>
+ <artifactId>yaml-json-validator-maven-plugin</artifactId>
+ <executions>
+ <execution>
+ <id>validate</id>
+ <phase>validate</phase>
+ <goals>
+ <goal>validate</goal>
+ </goals>
+ <configuration>
+ <validationSets>
+ <validationSet>
+ <includes>
+ <include>src/main/resources/**/*.y*ml</include>
+ <include>src/test/resources/**/*.y*ml</include>
+ </includes>
+ </validationSet>
+ <validationSet>
+ <includes>
+ <include>src/main/resources/**/*.json</include>
+ <include>src/test/resources/**/*.json</include>
+ </includes>
+ </validationSet>
+ </validationSets>
+ <skip>${skipYamlJsonValidator}</skip>
+ </configuration>
+ </execution>
+ </executions>
+ </plugin>
</plugins>
- </build>
- </profile>
- </profiles>
+ </build>
+
+ <repositories>
+ <!-- LF repositories -->
+ <repository>
+ <id>ecomp-releases</id>
+ <name>Release Repository</name>
+ <url>${nexus.proxy}/content/repositories/releases/</url>
+ </repository>
+ <repository>
+ <id>ecomp-snapshots</id>
+ <name>Snapshots Repository</name>
+ <url>${nexus.proxy}/content/repositories/snapshots/</url>
+ </repository>
+ <repository>
+ <id>ecomp-public</id>
+ <name>Public Repository</name>
+ <url>${nexus.proxy}/content/repositories/public/</url>
+ </repository>
+ <!-- LF repositories END-->
+ </repositories>
+
+ <profiles>
+ <profile>
+ <id>docker</id>
+ <activation>
+ <activeByDefault>false</activeByDefault>
+ </activation>
+ <build>
+ <plugins>
+
+ <plugin>
+ <artifactId>maven-clean-plugin</artifactId>
+ <version>3.0.0</version>
+ <executions>
+ <execution>
+ <id>clean-static-files</id>
+ <phase>clean</phase>
+ <goals>
+ <goal>clean</goal>
+ </goals>
+ <configuration>
+ <filesets>
+ <fileset>
+ <directory>${project.basedir}/sdc-simulator</directory>
+ <includes>
+ <include>*.war</include>
+ </includes>
+ <followSymlinks>false</followSymlinks>
+ </fileset>
+ </filesets>
+ </configuration>
+ </execution>
+ </executions>
+ </plugin>
+
+ <plugin>
+ <artifactId>maven-resources-plugin</artifactId>
+ <executions>
+ <execution>
+ <id>copy-resources-simulator</id>
+ <phase>verify</phase>
+ <goals>
+ <goal>copy-resources</goal>
+ </goals>
+ <configuration>
+ <outputDirectory>${project.basedir}/sdc-simulator
+ </outputDirectory>
+ <resources>
+ <resource>
+ <directory>${project.basedir}/target</directory>
+ <includes>
+ <include>WSSimulator*.war</include>
+ </includes>
+ </resource>
+ </resources>
+ </configuration>
+ </execution>
+ </executions>
+ </plugin>
+
+
+ <plugin>
+ <groupId>io.fabric8</groupId>
+ <artifactId>docker-maven-plugin</artifactId>
+ <configuration>
+ <verbose>${verbose}</verbose>
+ <apiVersion>${docker.api.version}</apiVersion>
+ <registry>nexus3.onap.org:10001</registry>
+ <authConfig>
+ <pull>
+ <username>docker</username>
+ <password>docker</password>
+ </pull>
+ </authConfig>
+ <images>
+ <!-- Build simulator image -->
+ <image>
+ <name>onap/sdc-simulator</name>
+ <alias>sdc-simulator</alias>
+ <build>
+ <cleanup>try</cleanup>
+ <dockerFileDir>${basedir}${file.separator}sdc-simulator
+ </dockerFileDir>
+ <tags>
+ <tag>latest</tag>
+ <tag>
+ ${parsedVersion.majorVersion}.${parsedVersion.minorVersion}-STAGING-latest
+ </tag>
+ <tag>
+ ${parsedVersion.majorVersion}.${parsedVersion.minorVersion}-${maven.build.timestamp}
+ </tag>
+ </tags>
+ </build>
+ </image>
+ </images>
+ </configuration>
+ <executions>
+ <execution>
+ <id>clean-images</id>
+ <phase>pre-clean</phase>
+ <goals>
+ <goal>remove</goal>
+ </goals>
+ </execution>
+ <execution>
+ <id>generate-images</id>
+ <phase>install</phase>
+ <goals>
+ <goal>build</goal>
+ </goals>
+ </execution>
+ <execution>
+ <id>push-images</id>
+ <phase>deploy</phase>
+ <goals>
+ <goal>push</goal>
+ </goals>
+ </execution>
+ </executions>
+ </plugin>
+ </plugins>
+ </build>
+ </profile>
+ </profiles>
</project>