aboutsummaryrefslogtreecommitdiff
path: root/eidas_modules/eidas_proxy-sevice/checks
diff options
context:
space:
mode:
Diffstat (limited to 'eidas_modules/eidas_proxy-sevice/checks')
-rw-r--r--eidas_modules/eidas_proxy-sevice/checks/spotbugs-exclude.xml12
1 files changed, 12 insertions, 0 deletions
diff --git a/eidas_modules/eidas_proxy-sevice/checks/spotbugs-exclude.xml b/eidas_modules/eidas_proxy-sevice/checks/spotbugs-exclude.xml
new file mode 100644
index 00000000..53ca4d4d
--- /dev/null
+++ b/eidas_modules/eidas_proxy-sevice/checks/spotbugs-exclude.xml
@@ -0,0 +1,12 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<FindBugsFilter>
+ <Match>
+ <!-- CSRF protection is implicit available by request token from eIDAS Node and tokens only be logged on trace level -->
+ <Class name="at.asitplus.eidas.specific.modules.msproxyservice.protocol.EidasProxyServiceController" />
+ <Method name="receiveEidasAuthnRequest" />
+ <OR>
+ <Bug pattern="SPRING_CSRF_UNRESTRICTED_REQUEST_MAPPING" />
+ <Bug pattern="CRLF_INJECTION_LOGS" />
+ </OR>
+ </Match>
+</FindBugsFilter>
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-09 01:31:13 +0000