Merge branch 'sonar-fix' into 'dev'
Fixed very severe security vulnerability (Use logger instead of System.out in SensorSocketEndpoint) See merge request sa4-2020/the-sanmarinoes/backend!122
This commit is contained in:
commit
7ab70976c9
1 changed files with 5 additions and 1 deletions
|
|
@ -13,6 +13,8 @@ import com.google.gson.Gson;
|
|||
import java.io.IOException;
|
||||
import java.util.*;
|
||||
import javax.websocket.*;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.stereotype.Component;
|
||||
|
||||
|
|
@ -20,6 +22,8 @@ import org.springframework.stereotype.Component;
|
|||
@Component
|
||||
public class SensorSocketEndpoint extends Endpoint {
|
||||
|
||||
private static final Logger logger = LoggerFactory.getLogger(SensorSocketEndpoint.class);
|
||||
|
||||
private final Gson gson = GsonConfig.socketGson();
|
||||
|
||||
@Autowired private DevicePopulationService deviceService;
|
||||
|
|
@ -98,7 +102,7 @@ public class SensorSocketEndpoint extends Endpoint {
|
|||
authorizedClients.remove(u, s);
|
||||
}
|
||||
} catch (IOException e) {
|
||||
e.printStackTrace();
|
||||
logger.warn(e.getLocalizedMessage(), e);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in a new issue