Skip to content

Commit 3c3c7b7

Browse files
z-sztromz-sztrom
committed
Cross-site scripting resolved
1 parent bc1181c commit 3c3c7b7

File tree

1 file changed

+8
-3
lines changed

1 file changed

+8
-3
lines changed

publish-service/src/main/java/com/ericsson/eiffel/remrem/publish/controller/ProducerController.java

Lines changed: 8 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -357,6 +357,11 @@ public ResponseEntity generateAndPublish(final String msgProtocol, final String
357357
mp = msgProtocol;
358358
}
359359

360+
String mt= null;
361+
if (!StringUtils.isEmpty(msgType)) {
362+
mt = msgType;
363+
}
364+
360365
MsgService msgService = null;
361366
if (StringUtils.isEmpty(msgProtocol) ||
362367
((msgService = PublishUtils.getMessageService(msgProtocol, msgServices)) == null)) {
@@ -398,9 +403,9 @@ public ResponseEntity generateAndPublish(final String msgProtocol, final String
398403
parsedTemplates.append("[");
399404
for (JsonElement eventJson : events) {
400405
// -- parse params in incoming request -> body -------------
401-
if (!eventTypeExists(msgService, msgType)) {
406+
if (!eventTypeExists(msgService, mt)) {
402407
return createResponseEntity(HttpStatus.BAD_REQUEST, JSON_ERROR_STATUS,
403-
"Unknown event type '" + msgType + "'");
408+
"Unknown event type '" + mt + "'");
404409
}
405410

406411
JsonNode parsedTemplate = eventTemplateHandler.eventTemplateParser(eventJson.toString(), msgType);
@@ -427,7 +432,7 @@ public ResponseEntity generateAndPublish(final String msgProtocol, final String
427432
+ appendAttributeAndValue("okToLeaveOutInvalidOptionalFields", ensureValueNonNull(okToLeaveOutInvalidOptionalFields));
428433

429434
ResponseEntity<String> response = restTemplate.postForEntity(generateUrl,
430-
entity, String.class, generateURLTemplate.getMap(mp, msgType));
435+
entity, String.class, generateURLTemplate.getMap(mp, mt));
431436

432437
responseStatus = response.getStatusCode();
433438
String responseBody = null;

0 commit comments

Comments
 (0)