Java Spring中的WebRequest在sonar qube中引发漏洞
在我的代码中,我实现了ResponseEntityExceptionHandle来处理异常 当我重写handleMissingServletRequestParameter方法时。Sonar qube抱怨可变WebRequest请求存在漏洞问题 方法定义Java Spring中的WebRequest在sonar qube中引发漏洞,java,spring,spring-mvc,sonarqube,Java,Spring,Spring Mvc,Sonarqube,在我的代码中,我实现了ResponseEntityExceptionHandle来处理异常 当我重写handleMissingServletRequestParameter方法时。Sonar qube抱怨可变WebRequest请求存在漏洞问题 方法定义 @Override protected ResponseEntity<Object> handleMissingServletRequestParameter( final MissingServletRequestPara
@Override
protected ResponseEntity<Object> handleMissingServletRequestParameter(
final MissingServletRequestParameterException ex, final HttpHeaders
headers,
final HttpStatus status, final WebRequest request) {
final String error = ex.getParameterName() + " parameter is missing";
final ExceptionResponse exceptionResponse =
new ExceptionResponse(HttpStatus.BAD_REQUEST, ex.getLocalizedMessage(), error);
return constructResponseEntity(exceptionResponse, headers, request, ex);
如何解决这个问题
[request] not sanitized with standard sanitization methods: normalize,
encode [Note: As applicable, validate class member variables of type String,
StringBuffer, CharSequence]