From d31a8c8f358d06331eeaca7e976f3b8ce969f050 Mon Sep 17 00:00:00 2001
From: Kiran Kumar Mallru
Date: Sat, 9 Nov 2024 19:39:30 +0530
Subject: [PATCH] added spring-disabled-csrf-protection, unvalidated-url-forward
---
 .github/workflows/codeql-analysis.yml | 5 +++++
 .../sunbirdrc/registry/authorization/SchemaAuthFilter.java | 2 +-
 .../dev/sunbirdrc/registry/authorization/SecurityConfig.java | 2 +-
 3 files changed, 7 insertions(+), 2 deletions(-)
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
index cdd1a093c..b5aebf138 100644
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -57,6 +57,11 @@ jobs:
 id: java/URL-forward-from-remote-source
 - exclude:
 id: java/Disabled-Spring-CSRF-protection
+ - exclude:
+ id: java/unvalidated-url-forward
+ - exclude:
+ java/spring-disabled-csrf-protection
+
 # If you wish to specify custom queries, you can do so here or in a config file.
 # By default, queries listed here will override any specified in a config file.
diff --git a/java/middleware/registry-middleware/authorization/src/main/java/dev/sunbirdrc/registry/authorization/SchemaAuthFilter.java b/java/middleware/registry-middleware/authorization/src/main/java/dev/sunbirdrc/registry/authorization/SchemaAuthFilter.java
index 645870447..0b48b7bd1 100644
--- a/java/middleware/registry-middleware/authorization/src/main/java/dev/sunbirdrc/registry/authorization/SchemaAuthFilter.java
+++ b/java/middleware/registry-middleware/authorization/src/main/java/dev/sunbirdrc/registry/authorization/SchemaAuthFilter.java
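Review bot: The second added filter has no `id:` key: under the last `- exclude:` the value is the bare scalar `java/spring-disabled-csrf-protection`, whereas every other entry visible in this hunk is written `id: <query>`. Because the entry does not have the same shape as its siblings, the scanner will probably either reject the configuration or ignore the filter; the line should read `id: java/spring-disabled-csrf-protection`. Separately, these excludes turn the CSRF-disabled and unvalidated-forward queries off for the whole repository, not only for SecurityConfig and SchemaAuthFilter, so a new occurrence elsewhere would no longer be reported. A comment above the entries such as `# accepted: <reason, reviewer, date>` would make that decision auditable. The enclosing list starts outside the hunk.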
@@ -15,7 +15,7 @@
 import java.util.HashSet;
 import java.util.List;
 import java.util.Set;
-@SuppressWarnings("java/URL-forward-from-remote-source")
+@SuppressWarnings({"java/URL-forward-from-remote-source","unvalidated-url-forward"})
 public class SchemaAuthFilter extends OncePerRequestFilter {
 private static final Logger logger = LoggerFactory.getLogger(SchemaAuthFilter.class);
 private static final String INVITE_URL_PATTERN = "/api/v1/([A-Za-z0-9_])+/invite(/)?";
diff --git a/java/middleware/registry-middleware/authorization/src/main/java/dev/sunbirdrc/registry/authorization/SecurityConfig.java b/java/middleware/registry-middleware/authorization/src/main/java/dev/sunbirdrc/registry/authorization/SecurityConfig.java
index 26975764b..e3f4efba1 100644
--- a/java/middleware/registry-middleware/authorization/src/main/java/dev/sunbirdrc/registry/authorization/SecurityConfig.java
+++ b/java/middleware/registry-middleware/authorization/src/main/java/dev/sunbirdrc/registry/authorization/SecurityConfig.java
@@ -26,7 +26,7 @@
 @Configuration
 @EnableWebSecurity
 @ConditionalOnProperty(name = "authentication.enabled", havingValue = "true", matchIfMissing = false)
-@SuppressWarnings("java/Disabled-Spring-CSRF-protection")
+@SuppressWarnings({"java/Disabled-Spring-CSRF-protection","spring-disabled-csrf-protection"})
 public class SecurityConfig {
 @Autowired
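Review bot: The identifier added to `@SuppressWarnings` on `SchemaAuthFilter` is `unvalidated-url-forward`, without the `java/` prefix that the workflow file uses for the same query (`java/unvalidated-url-forward`); the `SecurityConfig` hunk has the same mismatch with `spring-disabled-csrf-protection`. Whether the analyzer reads these annotation strings at all is not visible here, so it is worth confirming that the annotation has any effect before relying on it. Both annotations sit on the class, so they cover every forward in the filter and every CSRF setting in the configuration, and neither says why the finding is acceptable. A comment above each would record the reasoning, for example `// Forward accepted because <reason, e.g. target restricted to an allow-list>` on the filter and `// CSRF disabled because <reason, e.g. stateless token auth, no cookie session>` on the configuration. Both class bodies continue outside the hunks.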