You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@hop.apache.org by ha...@apache.org on 2021/12/06 12:14:03 UTC

[incubator-hop] branch master updated: fixed sonar vulnerabities issues. (#1213)

This is an automated email from the ASF dual-hosted git repository.

hansva pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/incubator-hop.git


The following commit(s) were added to refs/heads/master by this push:
     new f8689a6  fixed sonar vulnerabities issues. (#1213)
f8689a6 is described below

commit f8689a68d33c9d1a2b618bb24cb889795c6dc561
Author: Gabriel Dutra <gv...@gmail.com>
AuthorDate: Mon Dec 6 04:13:58 2021 -0800

    fixed sonar vulnerabities issues. (#1213)
---
 .../main/java/org/apache/hop/core/logging/Metrics.java  | 17 -----------------
 .../src/main/java/org/apache/hop/core/svg/SvgImage.java |  3 +++
 .../main/java/org/apache/hop/www/AsyncRunServlet.java   | 12 ++++++------
 3 files changed, 9 insertions(+), 23 deletions(-)

diff --git a/core/src/main/java/org/apache/hop/core/logging/Metrics.java b/core/src/main/java/org/apache/hop/core/logging/Metrics.java
index a193d2f..c4ea0e8 100644
--- a/core/src/main/java/org/apache/hop/core/logging/Metrics.java
+++ b/core/src/main/java/org/apache/hop/core/logging/Metrics.java
@@ -212,21 +212,4 @@ public class Metrics implements IMetrics {
     return ((IMetrics) obj).getCode().equalsIgnoreCase(code);
   }
 
-  public static List<IMetrics> getDefaultMetrics() {
-    List<IMetrics> metrics = new ArrayList<>();
-
-    for (Field field : Metrics.class.getDeclaredFields()) {
-      if (field.getType().equals(Metrics.class) && field.getName().startsWith("METRIC_")) {
-        field.setAccessible(true);
-        try {
-          metrics.add((IMetrics) field.get(null));
-        } catch (Exception e) {
-          e.printStackTrace(); // it either works or doesn't, seems more like a JRE problem if it
-          // doesn't.
-        }
-      }
-    }
-
-    return metrics;
-  }
 }
diff --git a/core/src/main/java/org/apache/hop/core/svg/SvgImage.java b/core/src/main/java/org/apache/hop/core/svg/SvgImage.java
index 99112f7..2c7ba75 100644
--- a/core/src/main/java/org/apache/hop/core/svg/SvgImage.java
+++ b/core/src/main/java/org/apache/hop/core/svg/SvgImage.java
@@ -20,6 +20,7 @@ package org.apache.hop.core.svg;
 import org.apache.hop.core.exception.HopException;
 import org.w3c.dom.Document;
 
+import javax.xml.XMLConstants;
 import javax.xml.transform.Transformer;
 import javax.xml.transform.TransformerFactory;
 import javax.xml.transform.dom.DOMSource;
@@ -48,6 +49,8 @@ public class SvgImage {
       StringWriter stringWriter = new StringWriter();
       StreamResult streamResult = new StreamResult(stringWriter);
       TransformerFactory transformerFactory = TransformerFactory.newInstance();
+      transformerFactory.setAttribute(XMLConstants.ACCESS_EXTERNAL_DTD, "");
+      transformerFactory.setAttribute(XMLConstants.ACCESS_EXTERNAL_STYLESHEET, "");
       Transformer transformer = transformerFactory.newTransformer();
       transformer.transform(domSource, streamResult);
       return stringWriter.toString();
diff --git a/plugins/misc/async/src/main/java/org/apache/hop/www/AsyncRunServlet.java b/plugins/misc/async/src/main/java/org/apache/hop/www/AsyncRunServlet.java
index 10647b4..67d1f86 100644
--- a/plugins/misc/async/src/main/java/org/apache/hop/www/AsyncRunServlet.java
+++ b/plugins/misc/async/src/main/java/org/apache/hop/www/AsyncRunServlet.java
@@ -64,8 +64,8 @@ public class AsyncRunServlet extends BaseHttpServlet implements IHopServerPlugin
     super(pipelineMap);
   }
 
-  public void doGet(HttpServletRequest request, HttpServletResponse response)
-      throws ServletException, IOException {
+  @Override
+  public void doGet(HttpServletRequest request, HttpServletResponse response) {
 
     if (isJettyMode() && !request.getContextPath().startsWith(CONTEXT_PATH)) {
       return;
@@ -92,7 +92,7 @@ public class AsyncRunServlet extends BaseHttpServlet implements IHopServerPlugin
 
     String webServiceName = request.getParameter("service");
     if (StringUtils.isEmpty(webServiceName)) {
-      throw new ServletException(
+      log.logError(
           "Please specify a service parameter pointing to the name of the asynchronous webservice object");
     }
 
@@ -194,7 +194,7 @@ public class AsyncRunServlet extends BaseHttpServlet implements IHopServerPlugin
 
       // Allocate the workflow in the background...
       //
-      new Thread(() -> workflow.startExecution()).start();
+      new Thread(workflow::startExecution).start();
 
       final OutputStream outputStream = response.getOutputStream();
 
@@ -211,8 +211,8 @@ public class AsyncRunServlet extends BaseHttpServlet implements IHopServerPlugin
 
       response.setStatus(HttpServletResponse.SC_OK);
 
-    } catch (Exception e) {
-      throw new ServletException("Error running asynchronous web service", e);
+    } catch (IOException | HopException e) {
+      log.logError("Error running asynchronous web service", e);
     }
   }