Gitiles
Code Review Sign In
osm.etsi.org / osm / NG-UI / a055cd9aa33fba7331da8048bdc877d66a5bfa0e^! / . / src / app / utilities
commita055cd9aa33fba7331da8048bdc877d66a5bfa0e[log] [tgz]
authorSANDHYA.JS <sandhya.j@tataelxsi.co.in>Wed May 10 18:23:06 2023 +0530
committerSANDHYA.JS <sandhya.j@tataelxsi.co.in>Wed May 10 18:23:06 2023 +0530
tree2986f9aa504fbf850de975ec72d631095675c479
parent9a5609f483447af00759d6d2488086133c01c17f [diff]
Coverity-CWE 922: Insecure Storage of Sensitive Information(localStorage write)

	- Coverity fix for localStorage write issue: For storing datas
	  in browser localStorage so changed it to sessionStorage

Change-Id: Ie35774b610b08e1e412394bd2ec544c013ac8730
Signed-off-by: SANDHYA.JS <sandhya.j@tataelxsi.co.in>

diff --git a/src/app/utilities/project-link/ProjectLinkComponent.ts b/src/app/utilities/project-link/ProjectLinkComponent.ts
index 35c5b2c..1ee079c 100644
--- a/src/app/utilities/project-link/ProjectLinkComponent.ts
+++ b/src/app/utilities/project-link/ProjectLinkComponent.ts

@@ -62,13 +62,13 @@
   }
 
   public ngOnInit(): void {
-    this.selectedProject = localStorage.getItem('project');
+    this.selectedProject = sessionStorage.getItem('project');
     this.getAdminProjects();
   }
 
   /** Get the admin projects to be selectable @public */
   public getAdminProjects(): void {
-    const username: string = localStorage.getItem('username');
+    const username: string = sessionStorage.getItem('username');
     this.restService.getResource(environment.USERS_URL + '/' + username).subscribe((projects: UserDetail) => {
       this.projectList = projects.project_role_mappings;
       this.isPresent = this.projectList.some((item: ProjectData) => item.project === this.value.project);

diff --git a/src/app/utilities/switch-project/SwitchProjectComponent.ts b/src/app/utilities/switch-project/SwitchProjectComponent.ts
index 1df6a16..66e0f4b 100644
--- a/src/app/utilities/switch-project/SwitchProjectComponent.ts
+++ b/src/app/utilities/switch-project/SwitchProjectComponent.ts

@@ -119,12 +119,12 @@
       };
       this.restService.postResource(apiURLHeader, payLoad).subscribe((data: LOCALSTORAGE) => {
         if (data) {
-          localStorage.setItem('id_token', data.id);
-          localStorage.setItem('project_id', this.params.projectID);
-          localStorage.setItem('expires', data.expires.toString());
-          localStorage.setItem('username', data.username);
-          localStorage.setItem('project', data.project_name);
-          localStorage.setItem('token_state', data.id);
+          sessionStorage.setItem('id_token', data.id);
+          sessionStorage.setItem('project_id', this.params.projectID);
+          sessionStorage.setItem('expires', data.expires.toString());
+          sessionStorage.setItem('username', data.username);
+          sessionStorage.setItem('project', data.project_name);
+          sessionStorage.setItem('token_state', data.id);
           this.activeModal.close();
           location.reload();
           this.isLoadingResults = false;