Merge pull request #1 from abi231002/logInjection

fixed: Log injection
eclipse-tractusx · Sep 22, 2023 · 6e039f4 · 6e039f4
2 parents 50c0f3f + ce573cc
commit 6e039f4
Show file tree

Hide file tree

Showing 2 changed files with 52 additions and 2 deletions.
diff --git a/...usx/traceability/qualitynotification/infrastructure/edc/model/EDCNotificationContent.java b/...usx/traceability/qualitynotification/infrastructure/edc/model/EDCNotificationContent.java
@@ -22,10 +22,26 @@
 
 import com.fasterxml.jackson.annotation.JsonInclude;
 
+import java.util.ArrayList;
 import java.util.List;
 
 @JsonInclude(JsonInclude.Include.NON_NULL)
 public record EDCNotificationContent(
         String information,
         List<String> listOfAffectedItems) {
+
+    @Override
+    public String toString() {
+        String cleanInformation = information.replaceAll("\r\n|\r|\n", " ");
+        List<String> cleanListOfAffectedItems = new ArrayList<>();
+        for (String AffectedItems : listOfAffectedItems) {
+            String cleanAffectedItem = AffectedItems.replaceAll("\r\n|\r|\n", " ");
+            cleanListOfAffectedItems.add(cleanAffectedItem);
+        }
+        return "EDCNotificationContent{" +
+                "information='" + cleanInformation + '\'' +
+                ", listOfAffectedItems=" + cleanListOfAffectedItems +
+                '}';
+    }
+
 }
diff --git a/...tusx/traceability/qualitynotification/infrastructure/edc/model/EDCNotificationHeader.java b/...tusx/traceability/qualitynotification/infrastructure/edc/model/EDCNotificationHeader.java
@@ -24,6 +24,40 @@
 
 @JsonInclude(JsonInclude.Include.NON_NULL)
 public record EDCNotificationHeader(String notificationId, String senderBPN, String senderAddress, String recipientBPN,
-									String classification, String severity, String relatedNotificationId,
-									String status, String targetDate, String messageId) {
+                                    String classification, String severity, String relatedNotificationId,
+                                    String status, String targetDate, String messageId) {
+
+    @Override
+    public String toString() {
+        String[] stringsToClean = {
+                notificationId,
+                senderBPN,
+                senderAddress,
+                recipientBPN,
+                classification,
+                severity,
+                relatedNotificationId,
+                status,
+                targetDate,
+                messageId
+        };
+
+        for (int i = 0; i < stringsToClean.length; i++) {
+            stringsToClean[i] = stringsToClean[i].replaceAll("\r\n|\r|\n", " ");
+        }
+
+        return "EDCNotificationHeader{" +
+                "notificationId='" + notificationId + '\'' +
+                ", senderBPN='" + senderBPN + '\'' +
+                ", senderAddress='" + senderAddress + '\'' +
+                ", recipientBPN='" + recipientBPN + '\'' +
+                ", classification='" + classification + '\'' +
+                ", severity='" + severity + '\'' +
+                ", relatedNotificationId='" + relatedNotificationId + '\'' +
+                ", status='" + status + '\'' +
+                ", targetDate='" + targetDate + '\'' +
+                ", messageId='" + messageId + '\'' +
+                '}';
+    }
+
 }