diff options
Diffstat (limited to 'eaaf_core/checks')
| -rw-r--r-- | eaaf_core/checks/spotbugs-exclude.xml | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/eaaf_core/checks/spotbugs-exclude.xml b/eaaf_core/checks/spotbugs-exclude.xml index d1cc43e3..70f27b81 100644 --- a/eaaf_core/checks/spotbugs-exclude.xml +++ b/eaaf_core/checks/spotbugs-exclude.xml @@ -19,6 +19,12 @@ <Bug pattern="SPRING_CSRF_UNRESTRICTED_REQUEST_MAPPING" /> </Match> <Match> + <!-- the ErrorToken is only single-used as same as a CSRF token --> + <Class name="at.gv.egiz.eaaf.core.impl.idp.controller.ProtocolFinalizationController"/> + <Method name="errorRedirect" /> + <Bug pattern="SPRING_CSRF_UNRESTRICTED_REQUEST_MAPPING" /> + </Match> + <Match> <!-- Only used to evaluate expressions from pre-compiled process-flows --> <OR> <Class name="at.gv.egiz.eaaf.core.impl.idp.process.springweb.SpringWebExpressionEvaluator"/> |