Coverity-CWE 922: Insecure Storage of Sensitive Information(localStorage write)
- Coverity fix for localStorage write issue: For storing datas
in browser localStorage so changed it to sessionStorage
Change-Id: I5179dbd864d9cf6c9f82fdb54f4ad2544e945ac0
Signed-off-by: SANDHYA.JS <sandhya.j@tataelxsi.co.in>
diff --git a/src/app/utilities/change-password/ChangePasswordComponent.ts b/src/app/utilities/change-password/ChangePasswordComponent.ts
index a2036ff..54cf356 100644
--- a/src/app/utilities/change-password/ChangePasswordComponent.ts
+++ b/src/app/utilities/change-password/ChangePasswordComponent.ts
@@ -60,7 +60,7 @@
/** Lifecyle Hooks the trigger before component is instantiate @public */
public ngOnInit(): void {
const modalRef: NgbModalRef = this.modalService.open(AddEditUserComponent, { backdrop: 'static', keyboard: false });
- modalRef.componentInstance.userID = localStorage.getItem('user_id');
+ modalRef.componentInstance.userID = sessionStorage.getItem('user_id');
if (this.editType === 'changePassword') {
modalRef.componentInstance.userTitle = this.translateService.instant('PAGE.USERS.EDITCREDENTIALS');
}
diff --git a/src/app/utilities/project-link/ProjectLinkComponent.ts b/src/app/utilities/project-link/ProjectLinkComponent.ts
index 35c5b2c..1ee079c 100644
--- a/src/app/utilities/project-link/ProjectLinkComponent.ts
+++ b/src/app/utilities/project-link/ProjectLinkComponent.ts
@@ -62,13 +62,13 @@
}
public ngOnInit(): void {
- this.selectedProject = localStorage.getItem('project');
+ this.selectedProject = sessionStorage.getItem('project');
this.getAdminProjects();
}
/** Get the admin projects to be selectable @public */
public getAdminProjects(): void {
- const username: string = localStorage.getItem('username');
+ const username: string = sessionStorage.getItem('username');
this.restService.getResource(environment.USERS_URL + '/' + username).subscribe((projects: UserDetail) => {
this.projectList = projects.project_role_mappings;
this.isPresent = this.projectList.some((item: ProjectData) => item.project === this.value.project);
diff --git a/src/app/utilities/switch-project/SwitchProjectComponent.ts b/src/app/utilities/switch-project/SwitchProjectComponent.ts
index dffb63a..8555146 100644
--- a/src/app/utilities/switch-project/SwitchProjectComponent.ts
+++ b/src/app/utilities/switch-project/SwitchProjectComponent.ts
@@ -124,12 +124,12 @@
};
this.restService.postResource(apiURLHeader, payLoad).subscribe((data: LOCALSTORAGE) => {
if (data) {
- localStorage.setItem('id_token', data.id);
- localStorage.setItem('project_id', this.params.projectID);
- localStorage.setItem('expires', data.expires.toString());
- localStorage.setItem('username', data.username);
- localStorage.setItem('project', data.project_name);
- localStorage.setItem('token_state', data.id);
+ sessionStorage.setItem('id_token', data.id);
+ sessionStorage.setItem('project_id', this.params.projectID);
+ sessionStorage.setItem('expires', data.expires.toString());
+ sessionStorage.setItem('username', data.username);
+ sessionStorage.setItem('project', data.project_name);
+ sessionStorage.setItem('token_state', data.id);
this.activeModal.close();
if (this.router.url.includes('history-operations')) {
this.router.navigate(['/instances/ns']).then((): void => {