Fixed very severe security vulnerability (Use logger instead of System.out in SensorSocketEndpoint)

This commit is contained in:
Claudio Maggioni (maggicl) 2020-05-09 13:18:33 +02:00
parent bd32a2aebb
commit ba02475c83

View file

@ -13,6 +13,8 @@ import com.google.gson.Gson;
import java.io.IOException;
import java.util.*;
import javax.websocket.*;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
@ -20,6 +22,8 @@ import org.springframework.stereotype.Component;
@Component
public class SensorSocketEndpoint extends Endpoint {
private static final Logger logger = LoggerFactory.getLogger(SensorSocketEndpoint.class);
private final Gson gson = GsonConfig.socketGson();
@Autowired private DevicePopulationService deviceService;
@ -98,7 +102,7 @@ public class SensorSocketEndpoint extends Endpoint {
authorizedClients.remove(u, s);
}
} catch (IOException e) {
e.printStackTrace();
logger.warn(e.getLocalizedMessage(), e);
}
}
}