From 54ccc4bee9ef26d229005a10b8ee734d14334503 Mon Sep 17 00:00:00 2001 From: Avgustin Marinov Date: Fri, 19 Jan 2024 13:41:24 +0200 Subject: [PATCH] [#1510] Remove Vaadin v8 UI: Remove Lib - FIX (#1555) Fixes the security vulerability in previous commit: https://github.com/eclipse/hawkbit/pull/1554/commits/76996c7b4a5423fc7a27b5c8d9c906b4c9a4a51d Signed-off-by: Marinov Avgustin --- .../java/org/eclipse/hawkbit/app/Start.java | 24 +++++++++++++++++++ 1 file changed, 24 insertions(+) diff --git a/hawkbit-runtime/hawkbit-update-server/src/main/java/org/eclipse/hawkbit/app/Start.java b/hawkbit-runtime/hawkbit-update-server/src/main/java/org/eclipse/hawkbit/app/Start.java index 13ae640b4..22a97b96a 100644 --- a/hawkbit-runtime/hawkbit-update-server/src/main/java/org/eclipse/hawkbit/app/Start.java +++ b/hawkbit-runtime/hawkbit-update-server/src/main/java/org/eclipse/hawkbit/app/Start.java @@ -12,6 +12,12 @@ package org.eclipse.hawkbit.app; import org.eclipse.hawkbit.autoconfigure.security.EnableHawkbitManagedSecurityConfiguration; import org.springframework.boot.SpringApplication; import org.springframework.boot.autoconfigure.SpringBootApplication; +import org.springframework.context.annotation.Configuration; +import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity; +import org.springframework.stereotype.Controller; +import org.springframework.web.bind.annotation.GetMapping; +import org.springframework.web.servlet.mvc.support.RedirectAttributes; +import org.springframework.web.servlet.view.RedirectView; /** * A {@link SpringBootApplication} annotated class with a main method to start. @@ -35,4 +41,22 @@ public class Start { public static void main(final String[] args) { SpringApplication.run(Start.class, args); } + + @Controller + public static class RedirectController { + + @GetMapping("/") + public RedirectView redirectToSwagger( + RedirectAttributes attributes) { + attributes.addFlashAttribute("flashAttribute", "redirectWithRedirectView"); + attributes.addAttribute("attribute", "redirectWithRedirectView"); + return new RedirectView("swagger-ui/index.html"); + } + } + + @Configuration + @EnableGlobalMethodSecurity(prePostEnabled = true, securedEnabled = true, proxyTargetClass = true) + public static class MethodSecurityConfig { + + } }