summaryrefslogtreecommitdiff
path: root/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralSTORKConfigurationTask.java
diff options
context:
space:
mode:
Diffstat (limited to 'id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralSTORKConfigurationTask.java')
-rw-r--r--id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralSTORKConfigurationTask.java8
1 files changed, 4 insertions, 4 deletions
diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralSTORKConfigurationTask.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralSTORKConfigurationTask.java
index df67ca2f1..309e0745b 100644
--- a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralSTORKConfigurationTask.java
+++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralSTORKConfigurationTask.java
@@ -116,14 +116,14 @@ public static final List<String> KEYWHITELIST;
log.trace("Extract C-PEPS for country: " + cc + " with URL:" + url);
if (!validatedCPeps.containsKey(cc)) {
if (MiscUtil.isNotEmpty(cc)) {
- if (ValidationHelper.containsPotentialCSSCharacter(cc, false)) {
+ if (ValidationHelper.containsNotValidCharacter(cc, false)) {
log.warn("CPEPS config countrycode contains potentail XSS characters: " + cc);
errors.add(new ValidationObjectIdentifier(
MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST
+ "." + cpepsKey,
"STORK - CPEPS Country",
LanguageHelper.getErrorString("validation.stork.cpeps.cc",
- new Object[] {ValidationHelper.getPotentialCSSCharacter(false)})));
+ new Object[] {ValidationHelper.getNotValidCharacter(false)})));
}
if(!cc.toLowerCase().matches("(^[a-z][a-z]$)|(^[a-z][a-z]-[a-z,0-9]*)")) {
log.warn("CPEPS config countrycode does not comply to ISO 3166-2 : " + cc);
@@ -215,13 +215,13 @@ public static final List<String> KEYWHITELIST;
String value = attributeList.get(key);
value = value.replace("eidas/attributes/", ""); // since eIDaS attributes come with a "/", we need to exclude them from validation. TODO Or should we require the admin to escape them in the UI?
if (!validatedAttributes.contains(value)) {
- if (ValidationHelper.containsPotentialCSSCharacter(value, true)) {
+ if (ValidationHelper.containsNotValidCharacter(value, true)) {
log.warn("default attributes contains potentail XSS characters: " + value);
errors.add(new ValidationObjectIdentifier(
MOAIDConfigurationConstants.GENERAL_AUTH_STORK_QAA,
"STORK - Attributes",
LanguageHelper.getErrorString("validation.stork.requestedattributes",
- new Object[] {ValidationHelper.getPotentialCSSCharacter(true)})));
+ new Object[] {ValidationHelper.getNotValidCharacter(true)})));
}
if(!value.toLowerCase().matches("^[A-Za-z]*$")) {
log.warn("default attributes do not match the requested format : " + value);
generated by cgit v1.2.3 (git 2.39.1) at 2025-12-12 20:59:06 +0000