diff options
Diffstat (limited to 'modules/authmodule-eIDAS-v2/checks/spotbugs-exclude.xml')
-rw-r--r-- | modules/authmodule-eIDAS-v2/checks/spotbugs-exclude.xml | 50 |
1 files changed, 50 insertions, 0 deletions
diff --git a/modules/authmodule-eIDAS-v2/checks/spotbugs-exclude.xml b/modules/authmodule-eIDAS-v2/checks/spotbugs-exclude.xml new file mode 100644 index 00000000..9b12a750 --- /dev/null +++ b/modules/authmodule-eIDAS-v2/checks/spotbugs-exclude.xml @@ -0,0 +1,50 @@ +<?xml version="1.0" encoding="UTF-8"?> +<FindBugsFilter> + <Match> + <!-- Do not check code generated by Apache CXF framework --> + <Class name="~szrservices.*"/> + <Class name="~at.gv.e_government.reference.namespace.persondata.*" /> + <Class name="~org.w3._2000._09.xmldsig.*" /> + </Match> + <Match> + <!-- Logging of SAML2 responses in case of errors or for debugging is allowed --> + <Class name="at.asitplus.eidas.specific.modules.auth.eidas.v2.EidasSignalServlet" /> + <Method name="getPendingRequestId" /> + <Bug pattern="CRLF_INJECTION_LOGS" /> + </Match> + <Match> + <!-- CSFR protection is implemented by pendingRequestId that is an one-time token --> + <Class name="at.asitplus.eidas.specific.modules.auth.eidas.v2.idaustriaclient.controller.IdAustriaClientAuthSignalController" /> + <Method name="performAuthentication" /> + <Bug pattern="SPRING_CSRF_UNRESTRICTED_REQUEST_MAPPING" /> + </Match> + <Match> + <!-- CSFR protection is implemented by pendingRequestId that is an one-time token --> + <Class name="at.asitplus.eidas.specific.modules.auth.eidas.v2.EidasSignalServlet" /> + <Method name="restoreEidasAuthProcess" /> + <Bug pattern="SPRING_CSRF_UNRESTRICTED_REQUEST_MAPPING" /> + </Match> + <Match> + <!-- File path is only loaded from configuration --> + <Class name="at.asitplus.eidas.specific.modules.auth.eidas.v2.service.EidasAttributeRegistry" /> + <Method name="initialize" /> + <Bug pattern="PATH_TRAVERSAL_IN" /> + </Match> + <Match> + <!-- Redirect URL is only loaded from configuration --> + <Class name="at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.GenerateAuthnRequestTask" /> + <Method name="sendRedirect" /> + <Bug pattern="UNVALIDATED_REDIRECT" /> + </Match> + <Match> + <!-- Builder pattern does not expose date elements --> + <OR> + <Class name="at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.ErnbEidData" /> + <Class name="at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.JoseUtils$JwsResult"/> + </OR> + <OR> + <Bug pattern="EI_EXPOSE_REP" /> + <Bug pattern="EI_EXPOSE_REP2" /> + </OR> + </Match> +</FindBugsFilter> |