aboutsummaryrefslogtreecommitdiff
path: root/modules/eidas_proxy-sevice/checks
diff options
context:
space:
mode:
authorThomas <>2022-03-08 19:06:10 +0100
committerThomas <>2022-03-08 19:06:10 +0100
commit7bf7c3c03fd3a1efeaf3f8e3dd75922e2f5f9921 (patch)
tree6e4ec82475f4f30275d3e0a0305ad3c2d340e0d3 /modules/eidas_proxy-sevice/checks
parent300bd1b44f521a2b33c259be1f8d21eba58c1a31 (diff)
downloadNational_eIDAS_Gateway-7bf7c3c03fd3a1efeaf3f8e3dd75922e2f5f9921.tar.gz
National_eIDAS_Gateway-7bf7c3c03fd3a1efeaf3f8e3dd75922e2f5f9921.tar.bz2
National_eIDAS_Gateway-7bf7c3c03fd3a1efeaf3f8e3dd75922e2f5f9921.zip
refactor(core): move all project libs into sub-project 'modules'
Diffstat (limited to 'modules/eidas_proxy-sevice/checks')
-rw-r--r--modules/eidas_proxy-sevice/checks/spotbugs-exclude.xml20
1 files changed, 20 insertions, 0 deletions
diff --git a/modules/eidas_proxy-sevice/checks/spotbugs-exclude.xml b/modules/eidas_proxy-sevice/checks/spotbugs-exclude.xml
new file mode 100644
index 00000000..cdc9fa95
--- /dev/null
+++ b/modules/eidas_proxy-sevice/checks/spotbugs-exclude.xml
@@ -0,0 +1,20 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<FindBugsFilter>
+ <Match>
+ <!-- CSRF protection is implicit available by request token from eIDAS Node and tokens only be logged on trace level -->
+ <Class name="at.asitplus.eidas.specific.modules.msproxyservice.protocol.EidasProxyServiceController" />
+ <Method name="receiveEidasAuthnRequest" />
+ <OR>
+ <Bug pattern="SPRING_CSRF_UNRESTRICTED_REQUEST_MAPPING" />
+ <Bug pattern="CRLF_INJECTION_LOGS" />
+ </OR>
+ </Match>
+ <Match>
+ <!-- Redirect-URL is set by configuration only. Therefore it's trusted -->
+ <Class name="at.asitplus.eidas.specific.modules.msproxyservice.protocol.ProxyServiceAuthenticationAction" />
+ <Method name="forwardToEidasProxy" />
+ <OR>
+ <Bug pattern="UNVALIDATED_REDIRECT" />
+ </OR>
+ </Match>
+</FindBugsFilter>