Currently, the license-recommender endpoint does not contain any check if the payload sent to this endpoint is correct. It means that the service fail later with HTTP code 500, and not with HTTP code 400.
Possible fix:
1) check payload right after it is received
2) respond accordingly
Currently, the
license-recommender
endpoint does not contain any check if the payload sent to this endpoint is correct. It means that the service fail later with HTTP code 500, and not with HTTP code 400.Possible fix: 1) check payload right after it is received 2) respond accordingly
Report made by BAF can be seen here: https://fabric8-analytics.github.io/fuzz-tests/recommender_licence_recommender_issue_169.htm