Skip to content

Fix request: Request without GET or POST #21

New issue
New issue
Open
Open
Fix request: Request without GET or POST#21
@akondasif

Description

@akondasif
akondasif
opened on Jul 6, 2020

Greetings,

We are researchers and we are have identified insecure coding patterns and configurations in the microservice architecture repositories. In your repository, we have found instances of @RequestMapping" methods without POST or GET . According to the Common Weakness Enumeration and JAVA OWASP, this is a security weakness and needs to be avoided.

We request for a fix for this issue. Looking forward for your feedback.

Source:

building-microservices/livelessons-cloud/livelessons-cloud-connectors/src/main/java/demo/ExampleController.java

Line 20 in 0fa38f8

@RequestMapping("/")

and

building-microservices/livelessons-operations/livelessons-operations-cloud-monitoring/src/main/java/demo/ExampleController.java

Line 15 in 0fa38f8

@RequestMapping("/")

and

building-microservices/livelessons-cloud/livelessons-cloud-services/src/main/java/demo/ExampleController.java

Line 16 in 0fa38f8

@RequestMapping("/")

and

building-microservices/livelessons-integration/livelessons-integration-eai/src/main/java/demo/WebSocketIntegration.java

Line 72 in 0fa38f8

@RequestMapping("/echo")

and

building-microservices/livelessons-operations/livelessons-operations-metrics/src/main/java/demo/ExampleController.java

Line 15 in 0fa38f8

@RequestMapping("/")

and

building-microservices/livelessons-security/livelessons-security-basic/src/main/java/basic/GreetingsRestController.java

Line 14 in 0fa38f8

@RequestMapping("/hi")

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions