0
的SonarQube提示(規則 「Web applications should use validation filters」)表明,這種標準的解決方案:SonarQube關鍵違反要求對REST API的web.xml文件過濾器
public class ValidatingHttpRequest extends HttpServletRequestWrapper {
// ...
}
public class ValidationFilter implements javax.servlet.Filter {
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) {
chain.doFilter(new ValidatingHttpRequest((HttpServletRequest)request), response);
}
}
,並在web.xml:
<filter>
<filter-name>ValidationFilter</filter-name>
<filter-class>com.myco.servlet.ValidationFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>ValidationFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
但我不知道在這裏預期的驗證。我的代碼是rest api(resteasy實現),所有服務都在"/rest/*
路徑下。這是一個假陽性案件嗎?
我會接受你的好鏈接的參考答案。謝謝 – guilhermerama