Coverity-CWE 922: Insecure Storage of Sensitive Information(localStorage write)
- Coverity fix for localStorage write issue: For storing datas
in browser localStorage so changed it to sessionStorage
Change-Id: I5179dbd864d9cf6c9f82fdb54f4ad2544e945ac0
Signed-off-by: SANDHYA.JS <sandhya.j@tataelxsi.co.in>
diff --git a/src/services/AuthInterceptorService.ts b/src/services/AuthInterceptorService.ts
index 8c5a9d7..9c17b56 100644
--- a/src/services/AuthInterceptorService.ts
+++ b/src/services/AuthInterceptorService.ts
@@ -68,7 +68,7 @@
public intercept(req: HttpRequest<{}>, next: HttpHandler): Observable<HttpSentEvent |
// tslint:disable-next-line:no-any
HttpHeaderResponse | HttpProgressEvent | HttpResponse<{}> | HttpUserEvent<any> | any> {
- const idToken: string = localStorage.getItem('id_token');
+ const idToken: string = sessionStorage.getItem('id_token');
const excludedUrl: string[] = ['osm/admin/v1/tokens', 'assets/i18n/', 'osm/version'];
if (excludedUrl.some((x: string): boolean => { return req.url.includes(x); })) { return next.handle(req); }
if (idToken.length > 0) {