hazza/DSpace
1
0
Fork 0
mirror of https://github.com/DSpace/DSpace.git synced 2025-10-16 14:33:09 +00:00
Code Issues Packages Projects Releases Wiki Activity

coar-notify-7 false positive request forgery comment

Browse Source
This commit is contained in:
frabacche
2024-01-12 11:29:23 +01:00
parent 692987df23
commit 37a23be62f
1 changed files with 3 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
dspace-api/src/main/java/org/dspace/app/ldn/action/SendLDNMessageAction.java
View File

@@ -56,6 +56,9 @@ public class SendLDNMessageAction implements LDNAction {
log.info("Announcing notification {}", request); log.info("Announcing notification {}", request);
try { try {
//Server-side request forgery Critical check gitHub failure is a false positive,
//because the LDN Service URL is configured by the user from DSpace
//frontend configuration at /admin/ldn/services
ResponseEntity<String> response = restTemplate.postForEntity( ResponseEntity<String> response = restTemplate.postForEntity(
notification.getTarget().getInbox(), notification.getTarget().getInbox(),
request, request,