diff options
author | Kristóf Marussy <kristof@marussy.com> | 2024-02-24 21:25:57 +0100 |
---|---|---|
committer | Kristóf Marussy <kristof@marussy.com> | 2024-02-24 21:28:15 +0100 |
commit | 9bd982b1054c5e9f4a11c4788644e9e15bb23558 (patch) | |
tree | 05441cef8cd5e77ac951471ea4de57b648fb8f9d | |
parent | Merge pull request #55 from kris7t/svg-export (diff) | |
download | refinery-9bd982b1054c5e9f4a11c4788644e9e15bb23558.tar.gz refinery-9bd982b1054c5e9f4a11c4788644e9e15bb23558.tar.zst refinery-9bd982b1054c5e9f4a11c4788644e9e15bb23558.zip |
fix(web): Sonar security issue
See
https://sonarcloud.io/organizations/graphs4value/rules?open=java%3AS1989&rule_key=java%3AS1989
-rw-r--r-- | subprojects/language-web/src/main/java/tools/refinery/language/web/config/BackendConfigServlet.java | 20 |
1 files changed, 16 insertions, 4 deletions
diff --git a/subprojects/language-web/src/main/java/tools/refinery/language/web/config/BackendConfigServlet.java b/subprojects/language-web/src/main/java/tools/refinery/language/web/config/BackendConfigServlet.java index 7d0a5122..5a57ad71 100644 --- a/subprojects/language-web/src/main/java/tools/refinery/language/web/config/BackendConfigServlet.java +++ b/subprojects/language-web/src/main/java/tools/refinery/language/web/config/BackendConfigServlet.java | |||
@@ -12,10 +12,14 @@ import jakarta.servlet.http.HttpServlet; | |||
12 | import jakarta.servlet.http.HttpServletRequest; | 12 | import jakarta.servlet.http.HttpServletRequest; |
13 | import jakarta.servlet.http.HttpServletResponse; | 13 | import jakarta.servlet.http.HttpServletResponse; |
14 | import org.eclipse.jetty.http.HttpStatus; | 14 | import org.eclipse.jetty.http.HttpStatus; |
15 | import org.slf4j.Logger; | ||
16 | import org.slf4j.LoggerFactory; | ||
15 | 17 | ||
16 | import java.io.IOException; | 18 | import java.io.IOException; |
17 | 19 | ||
18 | public class BackendConfigServlet extends HttpServlet { | 20 | public class BackendConfigServlet extends HttpServlet { |
21 | private static final Logger LOG = LoggerFactory.getLogger(BackendConfigServlet.class); | ||
22 | |||
19 | public static final String WEBSOCKET_URL_INIT_PARAM = "tools.refinery.language.web.config.BackendConfigServlet" + | 23 | public static final String WEBSOCKET_URL_INIT_PARAM = "tools.refinery.language.web.config.BackendConfigServlet" + |
20 | ".webSocketUrl"; | 24 | ".webSocketUrl"; |
21 | 25 | ||
@@ -31,11 +35,19 @@ public class BackendConfigServlet extends HttpServlet { | |||
31 | } | 35 | } |
32 | 36 | ||
33 | @Override | 37 | @Override |
34 | protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws IOException { | 38 | protected void doGet(HttpServletRequest req, HttpServletResponse resp) { |
35 | resp.setStatus(HttpStatus.OK_200); | 39 | resp.setStatus(HttpStatus.OK_200); |
36 | resp.setContentType("application/json"); | 40 | resp.setContentType("application/json"); |
37 | var writer = resp.getWriter(); | 41 | try { |
38 | writer.write(serializedConfig); | 42 | var writer = resp.getWriter(); |
39 | writer.flush(); | 43 | writer.write(serializedConfig); |
44 | writer.flush(); | ||
45 | } catch (IOException e) { | ||
46 | LOG.error("Failed to write backend config", e); | ||
47 | if (!resp.isCommitted()) { | ||
48 | resp.reset(); | ||
49 | resp.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); | ||
50 | } | ||
51 | } | ||
40 | } | 52 | } |
41 | } | 53 | } |