search

SAP-archive / com.sap.openSAP.hana5.example

openSAP HANA5/HANA6 Course: Example Completed Implementation
https://open.sap.com/courses/hana5/
Apache License 2.0
87 stars 81 forks source link

Internal SAP reference in settings files #5

Closed jonathanbaker7 closed 6 years ago

jonathanbaker7 commented 6 years ago

The file httpclient.js contains a reference to an internal SAP server:

{path: "http://www.loc.gov/pictures/search/?fo=json&q=SAP&",
--
20 | host: "proxy.wdf.sap.corp",
21 | port: "8080",
22 | headers: {

Specifically, the server:

proxy.wdf.sap.corp

This artifact won't work outside the SAP firewall.

SAP Open Source runs regular scans looking for artifacts in the code which might indicate our internal code has accidentally released in to the Open Source stream. This file continues to show up in our scans. Can you please fix it, or remove it, so that it no longer shows up as an error?

Thank you.

jung-thomas commented 6 years ago

This artifact won't work outside the SAP firewall. Actually it does work because this line is commented out.

[cid:image001.png@01D3ABDD.4A29C590]

It was left in so that SAP employees taking the course can adjust the exercise for usage internally. But if you require it to be removed I will do so.

Thomas Jung

From: Jonathan Baker [mailto:notifications@github.com] Sent: Thursday, February 22, 2018 12:54 PM To: SAP/com.sap.openSAP.hana5.example com.sap.openSAP.hana5.example@noreply.github.com Cc: Subscribed subscribed@noreply.github.com Subject: [SAP/com.sap.openSAP.hana5.example] Internal SAP reference in settings files (#5)

The file httpclient.jshttps://github.com/SAP/com.sap.openSAP.hana5.example/blob/f74f54b52c50fcbd96eaba633d6049aa0ae744f6/core-js/async/httpClient.js contains a reference to an internal SAP server:

{path: "http://www.loc.gov/pictures/search/?fo=json&q=SAP&",

--

20 | host: "proxy.wdf.sap.corp",

21 | port: "8080",

22 | headers: {

Specifically, the server:

proxy.wdf.sap.corp

This artifact won't work outside the SAP firewall.

SAP Open Source runs regular scans looking for artifacts in the code which might indicate our internal code has accidentally released in to the Open Source stream. This file continues to show up in our scans. Can you please fix it, or remove it, so that it no longer shows up as an error?

Thank you.

— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHubhttps://github.com/SAP/com.sap.openSAP.hana5.example/issues/5, or mute the threadhttps://github.com/notifications/unsubscribe-auth/ALmJfLR62Y3_eegbkoW1eD6HZ8Ak6Lqwks5tXanOgaJpZM4SPuhK.

jonathanbaker7 commented 6 years ago

It's a form letter, so it always says "doesn't work". But if you wouldn't mind removing it, please, that would be great. The legal team has set clear requirements that we look for internal references or internal code, and it's going to keep appearing in the scans as unfixed.

Feel free to mark it as "" or some such, that won't get caught.

Thanks.