Coverity-CWE 922: Insecure Storage of Sensitive Information(localStorage write)
- Coverity fix for localStorage write issue: For storing datas
in browser localStorage so changed it to sessionStorage
Change-Id: I3fdce439b923e006b44a50a42fab19b7ffbcdec6
Signed-off-by: SANDHYA.JS <sandhya.j@tataelxsi.co.in>
diff --git a/src/app/utilities/users-action/UsersActionComponent.ts b/src/app/utilities/users-action/UsersActionComponent.ts
index 04fd58a..799779d 100644
--- a/src/app/utilities/users-action/UsersActionComponent.ts
+++ b/src/app/utilities/users-action/UsersActionComponent.ts
@@ -74,8 +74,8 @@
* Lifecyle Hooks the trigger before component is instantiate
*/
public ngOnInit(): void {
- this.isAdminShow = localStorage.getItem('admin_show') === 'true' ? true : false;
- this.isUserShow = localStorage.getItem('user_show') === 'true' ? true : false;
+ this.isAdminShow = sessionStorage.getItem('admin_show') === 'true' ? true : false;
+ this.isUserShow = sessionStorage.getItem('user_show') === 'true' ? true : false;
if (!isNullOrUndefined(this.value.user_status)) {
this.isUserStatus = this.value.user_status;
}
@@ -134,8 +134,8 @@
public unlockRenewUser(editType: string): void {
// eslint-disable-next-line security/detect-non-literal-fs-filename
const modalRef: NgbModalRef = this.modalService.open(WarningComponent, { backdrop: 'static' });
- localStorage.setItem('renew', 'true');
- const id: string = localStorage.getItem('user_id');
+ sessionStorage.setItem('renew', 'true');
+ const id: string = sessionStorage.getItem('user_id');
if (editType === 'unlock') {
modalRef.componentInstance.heading = this.translateService.instant('Unlock User');
modalRef.componentInstance.confirmationMessage = this.translateService.instant('Are you sure want to unlock this user');