Ejemplo n.º 1
0
  @Override
  public void doPost(HttpServletRequest request, HttpServletResponse response)
      throws ServletException, IOException {

    org.owasp.benchmark.helpers.SeparateClassRequest scr =
        new org.owasp.benchmark.helpers.SeparateClassRequest(request);
    String param = scr.getTheValue("foo");

    String bar = doSomething(param);

    try {
      javax.naming.directory.DirContext dc = org.owasp.benchmark.helpers.Utils.getDirContext();
      dc.search("name", bar, new javax.naming.directory.SearchControls());
    } catch (javax.naming.NamingException e) {
      throw new ServletException(e);
    }
  } // end doPost
Ejemplo n.º 2
0
  @Override
  public void doPost(HttpServletRequest request, HttpServletResponse response)
      throws ServletException, IOException {

    java.util.Map<String, String[]> map = request.getParameterMap();
    String param = "";
    if (!map.isEmpty()) {
      param = map.get("foo")[0];
    }

    String bar = new Test().doSomething(param);

    try {
      javax.naming.directory.DirContext dc = org.owasp.benchmark.helpers.Utils.getDirContext();
      Object[] filterArgs = {"a", "b"};
      dc.search("name", bar, filterArgs, new javax.naming.directory.SearchControls());
    } catch (javax.naming.NamingException e) {
      throw new ServletException(e);
    }
  } // end doPost
Ejemplo n.º 3
0
  @Override
  public void doPost(HttpServletRequest request, HttpServletResponse response)
      throws ServletException, IOException {

    String param = request.getParameter("foo");

    java.util.List<String> valuesList = new java.util.ArrayList<String>();
    valuesList.add("safe");
    valuesList.add(param);
    valuesList.add("moresafe");

    valuesList.remove(0); // remove the 1st safe value

    String bar = valuesList.get(0); // get the param value

    try {
      javax.naming.directory.DirContext dc = org.owasp.benchmark.helpers.Utils.getDirContext();
      Object[] filterArgs = {"a", "b"};
      dc.search("name", bar, filterArgs, new javax.naming.directory.SearchControls());
    } catch (javax.naming.NamingException e) {
      throw new ServletException(e);
    }
  }
Ejemplo n.º 4
0
  @Override
  public void doPost(HttpServletRequest request, HttpServletResponse response)
      throws ServletException, IOException {

    String[] values = request.getParameterValues("foo");
    String param;
    if (values.length != 0) param = request.getParameterValues("foo")[0];
    else param = null;

    String bar;

    // Simple ? condition that assigns constant to bar on true condition
    int i = 106;

    bar = (7 * 18) + i > 200 ? "This_should_always_happen" : param;

    try {
      javax.naming.directory.DirContext dc = org.owasp.benchmark.helpers.Utils.getDirContext();
      Object[] filterArgs = {"a", "b"};
      dc.search("name", bar, filterArgs, new javax.naming.directory.SearchControls());
    } catch (javax.naming.NamingException e) {
      throw new ServletException(e);
    }
  }