Configure XStream security and resolve itest bundles (#8663)

* Configures XStream security to prevent "Security framework of XStream not initialized, XStream is probably vulnerable" warnings. * Resolves the itest bundles for the upgrade to XStream 1.4.13 Related to openhab/openhab-core#1688 Signed-off-by: Wouter Born <github@maindrain.net>
2020-10-04 22:10:04 +02:00
parent 3ea3570306
commit be7e9c9680
12 changed files with 31 additions and 21 deletions
--- a/bundles/org.openhab.binding.homematic/src/main/java/org/openhab/binding/homematic/internal/communicator/CcuGateway.java
+++ b/bundles/org.openhab.binding.homematic/src/main/java/org/openhab/binding/homematic/internal/communicator/CcuGateway.java
@@ -64,6 +64,8 @@ public class CcuGateway extends AbstractHomematicGateway {
            HttpClient httpClient) {
        super(id, config, gatewayAdapter, httpClient);

+        XStream.setupDefaultSecurity(xStream);
+        xStream.allowTypesByWildcard(new String[] { HmDevice.class.getPackageName() + ".**" });
        xStream.setClassLoader(CcuGateway.class.getClassLoader());
        xStream.autodetectAnnotations(true);
        xStream.alias("scripts", TclScriptList.class);