chore(orc8r): Make CodeQL security check happy

CodeQL check identified possible security vulnerabilities in these files. I resolved the issue by replacing a `"%+v"`/`"%v"` with `"%s"` in both files and explicitly calling the URL string in another instances Signed-off-by: Moritz Huebner <moritz.huebner@tngtech.com>
magma · May 18, 2022 · 3d23bf5 · 3d23bf5
1 parent 230c117
commit 3d23bf5
Show file tree

Hide file tree

Showing 2 changed files with 3 additions and 3 deletions.
diff --git a/orc8r/cloud/go/services/obsidian/handler.go b/orc8r/cloud/go/services/obsidian/handler.go
@@ -218,7 +218,7 @@ func CheckNetworkAccess(c echo.Context, networkId string) *echo.HTTPError {
 			return nil
 		}
 	}
-	glog.Infof("Client cert %s is not authorized for network: %+v", util.FormatPkixSubject(&cert.Subject), networkId)
+	glog.Infof("Client cert %s is not authorized for network: %s", util.FormatPkixSubject(&cert.Subject), networkId)
 	return echo.NewHTTPError(http.StatusForbidden, "Client certificate is not authorized")
 }
 

diff --git a/orc8r/cloud/go/services/obsidian/server/metrics.go b/orc8r/cloud/go/services/obsidian/server/metrics.go
@@ -51,10 +51,10 @@ func CollectStats(next echo.HandlerFunc) echo.HandlerFunc {
 		status := strconv.Itoa(c.Response().Status)
 		respStatuses.WithLabelValues(status, c.Request().Method).Inc()
 		glog.V(2).Infof(
-			"REST API code: %v, method: %v, url: %v\n",
+			"REST API code: %s, method: %s, url: %s\n",
 			status,
 			c.Request().Method,
-			c.Request().URL,
+			c.Request().URL.String(),
 		)
 		return nil
 	}