How to sanitize and validate user input to pass a Checkmarx scan
Question

I have an endpoint that receives a String from the client as seen below:

    @GET
    @Path("/{x}")
    public Response doSomething(@PathParam("x") String x) {
        String y = myService.process(x);
        return Response.status(OK).entity(y).build();
    }

Checkmarx complains that this element’s value then "flows through the code without being properly sanitized or validated and is eventually displayed to the user in method doSomething"

Then I tried this:

    @GET
    @Path("/{x}")
    public Response doSomething(@PathParam("x")
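
An added example, not part of the original question: one way to break the flow Checkmarx describes is to validate the path parameter against an allow-list on input and HTML-encode the derived value on output. The `ItemResource` class, its base path, the `MyService` interface, the allow-list pattern and the hand-written `escapeHtml` helper are all assumptions made for illustration.

```java
import static javax.ws.rs.core.Response.Status.BAD_REQUEST;
import static javax.ws.rs.core.Response.Status.OK;

import java.util.regex.Pattern;
import javax.ws.rs.GET;
import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.core.Response;

@Path("/items") // hypothetical base path
public class ItemResource {
    /** Hypothetical stand-in for the question's myService. */
    public interface MyService { String process(String x); }

    // Assumed allow-list: 1-64 letters, digits, '-' or '_'. Adjust to the real format of x.
    private static final Pattern ALLOWED = Pattern.compile("[A-Za-z0-9_-]{1,64}");
    private final MyService myService;

    public ItemResource(MyService myService) { this.myService = myService; }

    @GET
    @Path("/{x}")
    public Response doSomething(@PathParam("x") String x) {
        // Validate on input: reject anything outside the allow-list.
        if (x == null || !ALLOWED.matcher(x).matches()) {
            return Response.status(BAD_REQUEST).entity("invalid parameter").build();
        }
        String y = myService.process(x);
        // Encode on output: y is derived from client input, so neutralize markup.
        return Response.status(OK).entity(escapeHtml(y)).build();
    }

    /** Minimal HTML entity encoder for element text and quoted attribute values. */
    static String escapeHtml(String s) {
        if (s == null) return "";
        StringBuilder out = new StringBuilder(s.length() + 16);
        for (char c : s.toCharArray()) {
            switch (c) {
                case '&': out.append("&amp;"); break;
                case '<': out.append("&lt;"); break;
                case '>': out.append("&gt;"); break;
                case '"': out.append("&quot;"); break;
                case '\'': out.append("&#x27;"); break;
                default: out.append(c);
            }
        }
        return out.toString();
    }
}
```

In production code a maintained encoder such as the OWASP Java Encoder (`Encode.forHtml`) is the usual replacement for the hand-written helper.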