Merge branch 'sonar-fix' into 'dev'
Fixed very severe security vulnerability (Use logger instead of System.out in SensorSocketEndpoint) See merge request sa4-2020/the-sanmarinoes/backend!122
This commit is contained in:
commit
7ab70976c9
1 changed files with 5 additions and 1 deletions
|
|
@ -13,6 +13,8 @@ import com.google.gson.Gson;
|
||||||
import java.io.IOException;
|
import java.io.IOException;
|
||||||
import java.util.*;
|
import java.util.*;
|
||||||
import javax.websocket.*;
|
import javax.websocket.*;
|
||||||
|
import org.slf4j.Logger;
|
||||||
|
import org.slf4j.LoggerFactory;
|
||||||
import org.springframework.beans.factory.annotation.Autowired;
|
import org.springframework.beans.factory.annotation.Autowired;
|
||||||
import org.springframework.stereotype.Component;
|
import org.springframework.stereotype.Component;
|
||||||
|
|
||||||
|
|
@ -20,6 +22,8 @@ import org.springframework.stereotype.Component;
|
||||||
@Component
|
@Component
|
||||||
public class SensorSocketEndpoint extends Endpoint {
|
public class SensorSocketEndpoint extends Endpoint {
|
||||||
|
|
||||||
|
private static final Logger logger = LoggerFactory.getLogger(SensorSocketEndpoint.class);
|
||||||
|
|
||||||
private final Gson gson = GsonConfig.socketGson();
|
private final Gson gson = GsonConfig.socketGson();
|
||||||
|
|
||||||
@Autowired private DevicePopulationService deviceService;
|
@Autowired private DevicePopulationService deviceService;
|
||||||
|
|
@ -98,7 +102,7 @@ public class SensorSocketEndpoint extends Endpoint {
|
||||||
authorizedClients.remove(u, s);
|
authorizedClients.remove(u, s);
|
||||||
}
|
}
|
||||||
} catch (IOException e) {
|
} catch (IOException e) {
|
||||||
e.printStackTrace();
|
logger.warn(e.getLocalizedMessage(), e);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue