
Server-side request forgery reported by CodeQL while making an API call using RestTemplate

@RequestMapping(value = "/data", method = RequestMethod.GET)
public ResponseEntity<List<user>> getUserDetails(@Valid String userId) {

  // userId comes straight from the request and becomes part of the outbound URL
  UriComponentsBuilder builder = UriComponentsBuilder.fromHttpUrl(getUserUrl()).queryParam("userId", userId);
  // Some logic to validate url
  boolean isValid = UTILITY.isValidUrl(builder.toUriString());

  if (isValid) {
    result = restTemplate.exchange(builder.toUriString(), HttpMethod.GET, entity, String.class);
  }
  // remainder of the method is not shown in the question
}

In the CodeQL scan it is showing a check failure:

Server side request forgery due to a user provided value

How to fix this CodeQL issue in Spring Boot?

There are 0 answers
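
One way to constrain the user-supplied `userId` before the outbound call, shown as an added example that is not part of the original question or any answer: the id is checked against a strict allow-list pattern, and the finished URI is compared with the configured destination before it is used. The class name `UserUrlGuard`, the `BASE` URL (a stand-in for whatever `getUserUrl()` returns) and the id format are assumptions.

```java
import java.net.URI;
import java.net.URLEncoder;
import java.nio.charset.StandardCharsets;
import java.util.regex.Pattern;

// Added example, not code from the question. BASE and the id format are assumptions.
public class UserUrlGuard {
    // Assumed stand-in for the server-side value returned by getUserUrl().
    private static final URI BASE = URI.create("https://users.internal.example/api/users");
    // Assumed id format: 1 to 32 letters, digits, '-' or '_'. Everything else is rejected.
    private static final Pattern USER_ID = Pattern.compile("[A-Za-z0-9_-]{1,32}");

    static URI buildUserUri(String userId) {
        if (userId == null || !USER_ID.matcher(userId).matches()) {
            throw new IllegalArgumentException("userId has an unexpected format");
        }
        // Encode anyway, so the check above is not the only barrier.
        String query = "userId=" + URLEncoder.encode(userId, StandardCharsets.UTF_8);
        URI target = URI.create(BASE + "?" + query);
        // Defence in depth: scheme, host, port and path must still be the configured ones.
        if (!BASE.getScheme().equals(target.getScheme())
                || !BASE.getHost().equals(target.getHost())
                || BASE.getPort() != target.getPort()
                || !BASE.getPath().equals(target.getPath())) {
            throw new IllegalStateException("destination changed after adding userId");
        }
        return target;
    }

    public static void main(String[] args) {
        // Constructed inputs: one well-formed id, then values that would alter the URL.
        String[] samples = {"u-1001", "42&role=x", "x@other.example/", "../../admin", ""};
        for (String s : samples) {
            try {
                System.out.println("allowed  " + buildUserUri(s));
            } catch (IllegalArgumentException e) {
                System.out.println("rejected \"" + s + "\": " + e.getMessage());
            }
        }
    }
}
```

The returned `URI` can be passed to the `restTemplate.exchange(URI, HttpMethod, HttpEntity, Class)` overload, which sends it as built instead of treating a string as a URI template and encoding it again. Whether the CodeQL alert clears afterwards depends on what the query recognises as a sanitizer, so re-run the scan rather than assuming it does.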