From 345a8534ff39cc9550cbacabe2b3fffe20293508 Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Thu, 22 Jun 2017 14:26:15 +0200 Subject: implement a workaround to fix XXE and SSRF problems in an old XMLStreamParser implementation of a third party library --- BKUOnline/src/main/webapp/WEB-INF/web.xml | 8 ++++++++ 1 file changed, 8 insertions(+) (limited to 'BKUOnline/src/main/webapp/WEB-INF') diff --git a/BKUOnline/src/main/webapp/WEB-INF/web.xml b/BKUOnline/src/main/webapp/WEB-INF/web.xml index 5033cc5e..5779fc97 100644 --- a/BKUOnline/src/main/webapp/WEB-INF/web.xml +++ b/BKUOnline/src/main/webapp/WEB-INF/web.xml @@ -175,6 +175,14 @@ RequestIdFilter at.gv.egiz.bku.online.webapp.TransactionIdFilter + + StalSecurityFilter + at.gv.egiz.bku.online.filter.StalSecurityFilter + + + StalSecurityFilter + STALService + RequestIdFilter HTTPSecurityLayerServlet -- cgit v1.2.3