mirror/Plan
2
0
Fork 0
mirror of https://github.com/plan-player-analytics/Plan.git synced 2024-12-15 05:41:51 +08:00
Code Issues Packages Projects Releases Wiki Activity

Prevented a future accidental XSS vulnerability in Server UUID parsing

Browse Source 
The server parameter was passed to an exception that is currently turned into
json, but in the future the way this exception is handled could have changed.
This commit is contained in:
Risto Lahtela 2021-01-24 11:03:01 +02:00
parent 5c49e95c7d
commit d64a967497
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
Plan/common/src/main/java/com/djrapitops/plan/identification/Identifiers.java
View File

@ -57,7 +57,7 @@ public class Identifiers {
Optional<UUID> parsed = UUIDUtility.parseFromString(identifier);
return parsed.orElseGet(() -> getServerUUIDFromName(identifier).orElseThrow(
() -> new BadRequestException("Given 'server' was not found in the database: '" + identifier + "'")
() -> new BadRequestException("Given 'server' was not found in the database.")
));
}