diff options
Diffstat (limited to 'modules/eidas_proxy-sevice/checks')
-rw-r--r-- | modules/eidas_proxy-sevice/checks/spotbugs-exclude.xml | 20 |
1 files changed, 20 insertions, 0 deletions
diff --git a/modules/eidas_proxy-sevice/checks/spotbugs-exclude.xml b/modules/eidas_proxy-sevice/checks/spotbugs-exclude.xml new file mode 100644 index 00000000..cdc9fa95 --- /dev/null +++ b/modules/eidas_proxy-sevice/checks/spotbugs-exclude.xml @@ -0,0 +1,20 @@ +<?xml version="1.0" encoding="UTF-8"?> +<FindBugsFilter> + <Match> + <!-- CSRF protection is implicit available by request token from eIDAS Node and tokens only be logged on trace level --> + <Class name="at.asitplus.eidas.specific.modules.msproxyservice.protocol.EidasProxyServiceController" /> + <Method name="receiveEidasAuthnRequest" /> + <OR> + <Bug pattern="SPRING_CSRF_UNRESTRICTED_REQUEST_MAPPING" /> + <Bug pattern="CRLF_INJECTION_LOGS" /> + </OR> + </Match> + <Match> + <!-- Redirect-URL is set by configuration only. Therefore it's trusted --> + <Class name="at.asitplus.eidas.specific.modules.msproxyservice.protocol.ProxyServiceAuthenticationAction" /> + <Method name="forwardToEidasProxy" /> + <OR> + <Bug pattern="UNVALIDATED_REDIRECT" /> + </OR> + </Match> +</FindBugsFilter> |