Java HttpServletResponse.addCookie Examples

Example #1

File: LoginSvcImpl.java Project: lizq888/sqo2o

  private void addUsernameCookie(
      String username,
      String firstname,
      String lastname,
      HttpServletRequest request,
      HttpServletResponse response) {
    StringBuilder un = new StringBuilder(new String(Base64.encodeBase64(username.getBytes())));
    while (un.charAt(un.length() - 1) == '=') {
      un.deleteCharAt(un.length() - 1);
    }
    response.addCookie(createCookie(USERNAME, un.toString(), request));

    StringBuilder fn = new StringBuilder();
    if (!StringUtils.isBlank(firstname)) {
      fn.append(firstname);
    }
    fn.append(":");
    if (!StringUtils.isBlank(lastname)) {
      fn.append(lastname);
    }
    String value = fn.toString();
    fn = new StringBuilder(new String(Base64.encodeBase64(value.getBytes())));
    while (fn.charAt(fn.length() - 1) == '=') {
      fn.deleteCharAt(fn.length() - 1);
    }
    Cookie c = createCookie(FULLNAME, fn.toString(), request);
    c.setMaxAge(Integer.MAX_VALUE);
    response.addCookie(c);
  }

Example #2

File: LoginBean.java Project: zhangxian97/Shane

 public void login(HttpServletRequest request, HttpServletResponse response) throws IOException {
   String username = request.getParameter("username");
   String password = request.getParameter("password");
   if (username == null) {
     response.sendRedirect("index.html");
     return;
   }
   String sql =
       "SELECT id FROM curator WHERE name="
           + SqlUtil.toSqlVarchar(username)
           + " AND passwd=PASSWORD("
           + SqlUtil.toSqlVarchar(password)
           + ")";
   String id = DBUtil.querySingle(sql);
   if (id == null) {
     response.sendRedirect("index.html");
     return;
   }
   Cookie cookie = new Cookie("username", username);
   if (request.getParameter("remember_me") != null
       && request.getParameter("remember_me").equals("on")) {
     cookie.setMaxAge(86400 * 365);
   } else {
     cookie.setMaxAge(-1);
   }
   response.addCookie(cookie);
   cookie = new Cookie("userid", id);
   if (request.getParameter("remember_me") != null
       && request.getParameter("remember_me").equals("on")) {
     cookie.setMaxAge(86400 * 365);
   } else {
     cookie.setMaxAge(-1);
   }
   response.addCookie(cookie);
 }

Example #3

File: AbstractUiExtjsController.java Project: nan21/nan21.dnet.core

  /**
   * Resolve the user's current language from the cookie.
   *
   * @param request
   * @param response
   * @return
   * @throws Exception
   */
  private String resolveLang(HttpServletRequest request, HttpServletResponse response)
      throws Exception {
    Cookie[] cookies = request.getCookies();
    Cookie c = this.getCookie(cookies, Constants.COOKIE_NAME_LANG);
    if (c == null) {
      String defaultValue =
          this.getSystemConfig()
              .getSysParamValue(
                  SysParams.CORE_DEFAULT_LANGUAGE, SysParams.CORE_DEFAULT_LANGUAGE_DEFVAL);
      if (defaultValue == null || defaultValue.equals("")) {
        defaultValue = Constants.DEFAULT_LANGUAGE;
      }
      c = this.createCookie(Constants.COOKIE_NAME_LANG, defaultValue, 60 * 60 * 24 * 365);
      response.addCookie(c);
    }

    String lang = request.getParameter(Constants.REQUEST_PARAM_LANG);
    if (lang == null || lang.equals("")) {
      lang = c.getValue();
    } else {
      c.setMaxAge(0);
      c = this.createCookie(Constants.COOKIE_NAME_LANG, lang, 60 * 60 * 24 * 365);
      response.addCookie(c);
    }
    return lang;
  }

Example #4

File: AbstractUiExtjsController.java Project: nan21/nan21.dnet.core

  /**
   * Resolve the user's current theme from the cookie.
   *
   * @param request
   * @param response
   * @return
   * @throws Exception
   */
  private String resolveTheme(HttpServletRequest request, HttpServletResponse response)
      throws Exception {
    Cookie[] cookies = request.getCookies();
    Cookie c = this.getCookie(cookies, Constants.COOKIE_NAME_THEME);
    if (c == null) {
      String defaultValue =
          this.getSystemConfig()
              .getSysParamValue(
                  SysParams.CORE_DEFAULT_THEME_EXTJS, SysParams.CORE_DEFAULT_THEME_EXTJS_DEFVAL);
      if (defaultValue == null || defaultValue.equals("")) {
        defaultValue = Constants.DEFAULT_THEME_EXTJS;
      }
      c = this.createCookie(Constants.COOKIE_NAME_THEME, defaultValue, 60 * 60 * 24 * 365);
      response.addCookie(c);
    }

    String theme = request.getParameter(Constants.REQUEST_PARAM_THEME);
    if (theme == null || theme.equals("")) {
      theme = c.getValue();
    } else {
      c.setMaxAge(0);
      c = this.createCookie(Constants.COOKIE_NAME_THEME, theme, 60 * 60 * 24 * 365);
      response.addCookie(c);
    }
    return theme;
  }

Example #5

File: EventServlet.java Project: anhtrantuan/RMIT_SoftwareArchitecture_COSC2440

  /**
   * Handle POST request.
   *
   * @param req
   * @param resp
   * @throws javax.servlet.ServletException
   * @throws java.io.IOException
   */
  @Override
  protected void doPost(
      javax.servlet.http.HttpServletRequest req, javax.servlet.http.HttpServletResponse resp)
      throws javax.servlet.ServletException, java.io.IOException {
    // Get parameters.
    String city = req.getParameter(CITY_PARAMETER_COOKIE_NAME),
        category = req.getParameter(CATEGORY_PARAMETER_COOKIE_NAME);

    // Create response cookies.
    Cookie cookies[] = new Cookie[2];
    Cookie cookie = new Cookie(CITY_PARAMETER_COOKIE_NAME, city);
    cookie.setMaxAge(COOKIE_MAX_AGE);
    resp.addCookie(cookie);
    cookies[0] = cookie;
    cookie = new Cookie(CATEGORY_PARAMETER_COOKIE_NAME, category);
    cookie.setMaxAge(COOKIE_MAX_AGE);
    resp.addCookie(cookie);
    cookies[1] = cookie;

    // Get print writer.
    PrintWriter writer = resp.getWriter();

    // Render page.
    renderPage(writer, cookies);

    // Close print writer.
    writer.close();
  }

Example #6

File: AuthController.java Project: kscscy/bitproject

  @RequestMapping(value = "login", method = RequestMethod.POST)
  public String login(
      String email,
      String password,
      String saveEmail,
      HttpServletResponse response,
      HttpSession session) {
    response.setContentType("text/plain;charset=UTF-8");

    Cookie emailCookie = null;

    if (saveEmail != null) {
      emailCookie = new Cookie("email", email);
      emailCookie.setMaxAge(60 * 60 * 24 * 15);
      response.addCookie(emailCookie);

    } else {
      emailCookie = new Cookie("email", "");
      emailCookie.setMaxAge(0);
    }
    response.addCookie(emailCookie);

    Student student = studentService.retrieve(email, password);

    if (student == null) {
      session.invalidate();
      return "/auth/LoginFail";
    }
    session.setAttribute("loginUser", student);
    return "redirect:../board/list.do";
  }

Example #7

File: LoginUtils.java Project: xiaojc/elec

 /**
  * 首页登录中添加记住我的功能
  *
  * @param request
  * @param response
  * @throws UnsupportedEncodingException
  */
 public static void remeberMeByCookie(HttpServletRequest request, HttpServletResponse response)
     throws UnsupportedEncodingException {
   // 获取登录名和密码
   String logonName = request.getParameter("name");
   String pwd = request.getParameter("password");
   // 处理cookie中存在中文字符的问题
   String codeName = URLEncoder.encode(logonName, "UTF-8");
   String codePwd = URLEncoder.encode(pwd, "UTF-8");
   // 创建cookie
   Cookie nameCookie = new Cookie("name", codeName);
   Cookie pwdCookie = new Cookie("password", codePwd);
   // 设置cookie有效路径
   nameCookie.setPath(request.getContextPath() + "/");
   pwdCookie.setPath(request.getContextPath() + "/");
   // 是否选中记住我
   if (request.getParameter("remeberMe") != null
       && "yes".equals(request.getParameter("remeberMe"))) {
     // 设置cookie有效时长
     nameCookie.setMaxAge(7 * 24 * 60 * 60);
     pwdCookie.setMaxAge(7 * 24 * 60 * 60);
   } else {
     // 清空cookie有效时长
     pwdCookie.setMaxAge(0);
     nameCookie.setMaxAge(0);
   }
   // 将cookie存放到response中
   response.addCookie(nameCookie);
   response.addCookie(pwdCookie);
 }

Example #8

File: CWE113_HTTP_Response_Splitting__Environment_addCookieServlet_16.java Project: CheckmarxGitHub/GitFun

  /* goodG2B() - use goodsource and badsink by changing the conditions on the first and second while statements */
  private void goodG2B(HttpServletRequest request, HttpServletResponse response) throws Throwable {
    String data;
    boolean local_f = false;

    while (true) {
      java.util.logging.Logger log_good = java.util.logging.Logger.getLogger("local-logger");
      /* FIX: Use a hardcoded string */
      data = "foo";
      break;
    }

    while (local_f) {
      /* INCIDENTAL: CWE 561 Dead Code, the code below will never run */
      Logger log_bad = Logger.getLogger("local-logger");
      /* get environment variable ADD */
      data = System.getenv("ADD");
      break;
    }

    while (true) {
      Cookie cookieSink = new Cookie("lang", data);
      /* POTENTIAL FLAW: Input not verified before inclusion in the cookie */
      response.addCookie(cookieSink);
      break;
    }

    while (local_f) {
      /* INCIDENTAL: CWE 561 Dead Code, the code below will never run */
      Cookie cookieSink = new Cookie("lang", URLEncoder.encode(data, "UTF-16"));
      /* FIX: use URLEncoder.encode to hex-encode non-alphanumerics */
      response.addCookie(cookieSink);
      break;
    }
  }

Example #9

File: NewCookieCreatingServlet.java Project: isweta/training-

  /** @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse response) */
  protected void doGet(HttpServletRequest request, HttpServletResponse response)
      throws ServletException, IOException {
    String name = request.getParameter("usrname");
    String passwrd = request.getParameter("passwrd");
    Cookie Mycookie1 = new Cookie("uname", name);
    Mycookie1.setMaxAge(10);
    response.addCookie(Mycookie1);

    Cookie Mycookie2 = new Cookie("pwd", passwrd);
    Mycookie2.setMaxAge(10);
    response.addCookie(Mycookie2);

    Cookie Mycookie3 = new Cookie("mobile", "9905216484");
    Mycookie3.setMaxAge(10000);
    response.addCookie(Mycookie3);

    response.setContentType("text/html");

    PrintWriter out = response.getWriter();
    out.println("<HTML><BODY>");
    out.println("<h3>Cookie Initialized</h3>");
    out.println("<a href='index.html'>Go back to home page</a>");
    out.println(
        "<a href='http://localhost:8080/SessionDemoHttp/CookieCheckingServlet'>check cookie</a>");
    out.println("</BODY></HTML>");
  }

Example #10

File: WebWriter.java Project: jianglibo/pcms

  public void json(RequestInfoHttp reqInfo, String content, List<Cookie> cookies)
      throws IOException {

    if (cookies.size() > 0) {
      HttpServletResponse res = reqInfo.getRes();

      Cookie[] exists = reqInfo.getReq().getCookies();

      for (Cookie ck : cookies) {
        Cookie found = null;
        for (Cookie eck : exists) {
          if (eck.getName().equals(ck.getName())) {
            found = eck;
            break;
          }
        }
        if (found == null) {
          res.addCookie(ck);
        } else {
          found.setValue(ck.getValue());
          found.setMaxAge(ck.getMaxAge());
          found.setPath(ck.getPath());
          res.addCookie(found);
        }
      }
    }

    json(reqInfo, content);
  }

Example #11

File: CacheSessionProvider.java Project: justice824/cms

 @SuppressWarnings("unchecked")
 public void setAttribute(
     HttpServletRequest request, HttpServletResponse response, String name, Serializable value) {
   Map<String, Serializable> session =
       (Map<String, Serializable>) request.getAttribute(CURRENT_SESSION);
   String root;
   if (session == null) {
     root = RequestUtils.getRequestedSessionId(request);
     if (root != null && root.length() == 32) {
       session = sessionCache.getSession(root);
     }
     if (session == null) {
       session = new HashMap<String, Serializable>();
       do {
         root = sessionIdGenerator.get();
       } while (sessionCache.exist(root));
       response.addCookie(createCookie(request, root));
     }
     request.setAttribute(CURRENT_SESSION, session);
     request.setAttribute(CURRENT_SESSION_ID, root);
   } else {
     root = (String) request.getAttribute(CURRENT_SESSION_ID);
     if (root == null) {
       do {
         root = sessionIdGenerator.get();
       } while (sessionCache.exist(root));
       response.addCookie(createCookie(request, root));
       request.setAttribute(CURRENT_SESSION_ID, root);
     }
   }
   session.put(name, value);
   sessionCache.setSession(root, session, sessionTimeout);
 }

Example #12

File: CWE113_HTTP_Response_Splitting__getCookiesServlet_addCookieServlet_03.java Project: CheckmarxGitHub/GitFun

  /* goodG2B1() - use goodsource and badsink by changing first 5==5 to 5!=5 */
  private void goodG2B1(HttpServletRequest request, HttpServletResponse response) throws Throwable {
    String data;
    /* INCIDENTAL: CWE 570 Statement is Always False */
    if (5 != 5) {
      /* INCIDENTAL: CWE 561 Dead Code, the code below will never run */
      Logger log_bad = Logger.getLogger("local-logger");
      /* read parameter from cookie */
      Cookie cookieSources[] = request.getCookies();
      if (cookieSources != null) {
        data = cookieSources[0].getValue();
      } else {
        data = null;
      }
    } else {

      java.util.logging.Logger log_good = java.util.logging.Logger.getLogger("local-logger");

      /* FIX: Use a hardcoded string */
      data = "foo";
    }
    /* INCIDENTAL: CWE 571 Statement is Always True */
    if (5 == 5) {
      Cookie cookieSink = new Cookie("lang", data);
      /* POTENTIAL FLAW: Input not verified before inclusion in the cookie */
      response.addCookie(cookieSink);
    } else {
      /* INCIDENTAL: CWE 561 Dead Code, the code below will never run */

      Cookie cookieSink = new Cookie("lang", URLEncoder.encode(data, "UTF-16"));
      /* FIX: use URLEncoder.encode to hex-encode non-alphanumerics */
      response.addCookie(cookieSink);
    }
  }

Example #13

File: Verify.java Project: NounVannakGitHub/paymoney-rest

 public static void setUserCookie(HttpServletResponse response, String email, String password) {
   Cookie cookie = new Cookie("appsaradev_us_email", email);
   Cookie cookie2 = new Cookie("appsaradev_us_password", password);
   cookie.setMaxAge(3600 * 24 * 30);
   cookie2.setMaxAge(3600 * 24 * 30);
   response.addCookie(cookie);
   response.addCookie(cookie2);
 }

Example #14

File: OAuth2CallbackServlet.java Project: mugglmenzel/RollerCoaster

  /*
   * (non-Javadoc)
   *
   * @see
   * javax.servlet.http.HttpServlet#doGet(javax.servlet.http.HttpServletRequest
   * , javax.servlet.http.HttpServletResponse)
   */
  @Override
  protected void doGet(HttpServletRequest req, HttpServletResponse resp)
      throws ServletException, IOException {

    log.info("GET got parameters: " + req.getParameterMap());
    log.info("HTTP Session: " + req.getSession().getAttributeNames());

    HttpSession httpsession = req.getSession();

    try {

      OAuth2Provider provider =
          OAuth2Provider.valueOf((String) httpsession.getAttribute("oauth.service"));
      log.info("Got provider: " + provider);

      String oauthVerifier = "";
      Token requestToken = null;
      Token accessToken = new Token("", provider.getSecret());
      OAuthService service = provider.getOAuthService();

      if (provider.getApi() instanceof DefaultApi20) {
        oauthVerifier = req.getParameter("code");
        log.info("got OAuth 2.0 authorization code: " + oauthVerifier);

      } else if (provider.getApi() instanceof DefaultApi10a) {
        oauthVerifier = req.getParameter("oauth_verifier");
        log.info("got OAuth 1.0a verifier: " + oauthVerifier);
        requestToken =
            req.getParameter("oauth_token") != null
                ? new Token((String) req.getParameter("oauth_token"), provider.getSecret())
                : (Token) httpsession.getAttribute("oauth.requestToken");
      }

      Verifier verifier = new Verifier(oauthVerifier);
      accessToken = service.getAccessToken(requestToken, verifier);
      log.info(
          "Got a OAuth access token: " + accessToken.getToken() + ", " + accessToken.getSecret());

      Cookie accessTokenCookie = new Cookie("oauth.accessToken", accessToken.getToken());
      accessTokenCookie.setMaxAge(14 * 24 * 60 * 60);
      accessTokenCookie.setPath("/");
      resp.addCookie(accessTokenCookie);
      Cookie serviceCookie = new Cookie("oauth.service", provider.toString());
      serviceCookie.setPath("/");
      serviceCookie.setMaxAge(14 * 24 * 60 * 60);
      resp.addCookie(serviceCookie);
      Cookie secretCookie = new Cookie("oauth.secret", accessToken.getSecret());
      secretCookie.setPath("/");
      secretCookie.setMaxAge(14 * 24 * 60 * 60);
      resp.addCookie(secretCookie);

      resp.sendRedirect((String) req.getSession().getAttribute("http.referer"));

    } catch (Exception e) {
      log.log(Level.WARNING, e.getLocalizedMessage(), e);
    }
  }

Example #15

File: SysLoginController.java Project: zhangdh/dxdzmspt

  @RequestMapping("/login.doAction")
  public String login(HttpServletRequest request, HttpServletResponse response) {
    String dlmc = request.getParameter("dlmc");
    String password = request.getParameter("mm");
    Login login = new Login();
    /*if(!login.valiNum()){
    	request.setAttribute("ifdl", "true");
    	request.setAttribute("warning", "系统注册未成功");
    	return "/login.jsp";
    }*/
    String login_redirect = "";
    boolean login_cookie = false;
    try {
      login_redirect = SysPara.getValue("login_redirect");
    } catch (Exception e) {
      login_redirect = "/login.jsp";
    }
    request.setAttribute("ifdl", "true");
    if ("".equals(dlmc) || dlmc == null) {
      dlmc = login.getCookieValue(request, "com.ashburz_username");
      password = login.getCookieValue(request, "com.ashburz_password");
      if ("".equals(password) || password == null) {
        request.setAttribute("dlmc", dlmc);
        return login_redirect;
      }
      Des des = new Des();
      password = des.getDesString(password);
      login_cookie = true;
    }
    String mainpage_url = (new StringBuilder("main.jsp?guid=")).append(Guid.get()).toString();
    String yhid = "";
    String isUSBKey = request.getParameter("isUSBKey");
    String plain_pass = password;
    password = Md5.getMd5(password);

    if (login.validate(dlmc, password)) {
      yhid = login.getYhid(dlmc);
      if (!login_cookie) {
        Cookie cookie_username = new Cookie("com.ashburz_username", dlmc);
        cookie_username.setMaxAge(0x1e13380);
        response.addCookie(cookie_username);
        if ("1".equals(request.getParameter("mem_pass"))) {
          Cookie cookie_pass =
              new Cookie("com.ashburz_password", (new Des()).getEncString(plain_pass));
          cookie_pass.setMaxAge(0x1e13380);
          response.addCookie(cookie_pass);
        }
      }
      if (login_cookie) login.resetLoginInfo(response, dlmc, yhid);
      else login.setLoginInfo(request, response, login, yhid, dlmc);
      return mainpage_url;
    } else {
      request.setAttribute("warning", "用户名或密码错误！！");
      return login_redirect;
    }
  }

Example #16

File: AuthenticationService.java Project: denizoguz/TrendOcean

 public void deleteRememberMeCookies(HttpServletResponse response) {
   Cookie tokenCookie = new Cookie(REMEMBER_ME_TOKEN, "");
   tokenCookie.setPath("/");
   tokenCookie.setMaxAge(0);
   response.addCookie(tokenCookie);
   Cookie rememberMeCookie = new Cookie(REMEMBER_ME_COOKIE, "");
   rememberMeCookie.setPath("/");
   rememberMeCookie.setMaxAge(0);
   response.addCookie(rememberMeCookie);
 }

Example #17

File: LoginBean.java Project: zhangxian97/Shane

 public void logout(HttpServletRequest request, HttpServletResponse response) throws IOException {
   Cookie cookie = HttpUtil.getCookie("userid", request);
   if (cookie == null) cookie = new Cookie("userid", "");
   cookie.setMaxAge(0);
   response.addCookie(cookie);
   cookie = HttpUtil.getCookie("username", request);
   if (cookie == null) cookie = new Cookie("username", "");
   cookie.setMaxAge(0);
   response.addCookie(cookie);
 }

Example #18

File: CWE113_HTTP_Response_Splitting__console_readLine_addCookieServlet_04.java Project: CheckmarxGitHub/GitFun

  /* goodG2B2() - use goodsource and badsink by reversing statements in first if */
  private void goodG2B2(HttpServletRequest request, HttpServletResponse response) throws Throwable {
    String data;
    /* INCIDENTAL: CWE 571 Statement is Always True */
    if (private_final_t) {
      java.util.logging.Logger log_good = java.util.logging.Logger.getLogger("local-logger");
      /* FIX: Use a hardcoded string */
      data = "foo";
    } else {
      /* INCIDENTAL: CWE 561 Dead Code, the code below will never run */

      Logger log_bad = Logger.getLogger("local-logger");

      data = ""; /* init data */

      /* read user input from console with readLine*/
      BufferedReader buffread = null;
      InputStreamReader instrread = null;
      try {
        instrread = new InputStreamReader(System.in);
        buffread = new BufferedReader(instrread);
        data = buffread.readLine();
      } catch (IOException ioe) {
        log_bad.warning("Error with stream reading");
      } finally {
        /* clean up stream reading objects */
        try {
          if (buffread != null) {
            buffread.close();
          }
        } catch (IOException ioe) {
          log_bad.warning("Error closing buffread");
        } finally {
          try {
            if (instrread != null) {
              instrread.close();
            }
          } catch (IOException ioe) {
            log_bad.warning("Error closing instrread");
          }
        }
      }
    }
    /* INCIDENTAL: CWE 571 Statement is Always True */
    if (private_final_t) {
      Cookie cookieSink = new Cookie("lang", data);
      /* POTENTIAL FLAW: Input not verified before inclusion in the cookie */
      response.addCookie(cookieSink);
    } else {
      /* INCIDENTAL: CWE 561 Dead Code, the code below will never run */

      Cookie cookieSink = new Cookie("lang", URLEncoder.encode(data, "UTF-16"));
      /* FIX: use URLEncoder.encode to hex-encode non-alphanumerics */
      response.addCookie(cookieSink);
    }
  }

Example #19

File: ProfileServlet.java Project: chupakabra1996/servlet

  @Override
  protected void doPost(HttpServletRequest req, HttpServletResponse resp)
      throws ServletException, IOException {
    HttpSession session = req.getSession();
    String exitParam = req.getParameter("exit");
    String deleteParam = req.getParameter("delete");
    String settingsParam = req.getParameter("settings");

    if ("settings".equals(settingsParam)) {
      resp.sendRedirect("/profileSettings");
      return;
    }

    if ("exit".equals(exitParam)) {
      // обнуляем куку
      Cookie[] cookies = req.getCookies();
      if (cookies != null) {
        for (Cookie cookie : cookies) {
          if (cookie.getName().equals("remember")) {
            cookie.setMaxAge(0);
            cookie.setValue(null);
            resp.addCookie(cookie);
            break;
          }
        }
      }
      session.setAttribute("user_a", null);
      resp.sendRedirect("/login");
    }

    if ("delete".equals(deleteParam)) {
      // обнуляем куку
      Cookie[] cookies = req.getCookies();
      if (cookies != null) {
        for (Cookie cookie : cookies) {
          if (cookie.getName().equals("remember")) {
            cookie.setMaxAge(0);
            cookie.setValue(null);
            resp.addCookie(cookie);
            break;
          }
        }
      }
      try {
        UserRepository.deleteUser((User) session.getAttribute("user_a"));
      } catch (SQLException e) {
        req.setAttribute("message", "Some problems with server");
        resp.sendRedirect("/profile");

        e.printStackTrace();
      }
      session.setAttribute("user_a", null);
      resp.sendRedirect("/welcome");
    }
  }

Example #20

File: CWE257_Storing_Password_Recoverable_Format__Servlet_getQueryStringServlet_53d.java Project: CheckmarxGitHub/GitFun

  /* goodB2G() - use badsource and goodsink */
  public void goodB2G_sink(String data, HttpServletRequest request, HttpServletResponse response)
      throws Throwable {

    String prefix = "Tru3ly 0b$scUre";
    MessageDigest hash = MessageDigest.getInstance("SHA512");

    /* FIX: credentials hashed prior to setting in cookie */
    byte[] hashv = hash.digest((prefix + data).getBytes());

    response.addCookie(new Cookie("auth", IO.toHex(hashv)));
  }

Example #21

File: LogoutServlet.java Project: GrishaAngelov/Guice

 private void deleteCookies(HttpServletRequest request, HttpServletResponse response) {
   Cookie[] cookies = request.getCookies();
   for (Cookie cookie : cookies) {
     if (cookie.getName().equals("JSESSIONID")) {
       Cookie sessionCookie = new Cookie("JSESSIONID", null);
       sessionCookie.setPath(request.getContextPath());
       sessionCookie.setMaxAge(0);
       response.addCookie(sessionCookie);
     }
     cookie.setMaxAge(0);
     response.addCookie(cookie);
   }
 }

Example #22

File: CookieTest.java Project: ramonasuciu/ghostdriver

        @Override
        public void call(HttpServletRequest req, HttpServletResponse res) throws IOException {
          super.call(req, res);
          javax.servlet.http.Cookie cookie = new javax.servlet.http.Cookie("test", "test");
          cookie.setDomain(".localhost");
          cookie.setMaxAge(360);

          res.addCookie(cookie);

          cookie = new javax.servlet.http.Cookie("test2", "test2");
          cookie.setDomain(".localhost");
          res.addCookie(cookie);
        }

Example #23

File: LogoutServlet.java Project: nbonnet13/InfiniteLoop

  @Override
  public void doGet(HttpServletRequest req, HttpServletResponse resp) throws IOException {
    Cookie c = new Cookie("Adminname", null);
    c.setMaxAge(0);
    Cookie student = new Cookie("Studentname", null);
    student.setMaxAge(0);
    Cookie teacher = new Cookie("Teachername", null);
    teacher.setMaxAge(0);

    resp.addCookie(c);
    resp.addCookie(student);
    resp.addCookie(teacher);
    resp.sendRedirect("/login.jsp");
  }

Example #24

File: CookiesManagerImpl.java Project: bloodmarry12/jresplus

  public void writeCookie(
      HttpServletRequest servletRequest,
      HttpServletResponse servletResponse,
      com.hundsun.jresplus.web.nosession.cookie.Cookie cookie) {
    int startNum = 0;
    if (cookie.getValue() != null) {
      if (cookie.getValue().length() > maxLength * maxCount) {
        log.error(
            "Cookie store full! cookie["
                + cookie.getName()
                + "] will be LOST! the cookies length="
                + cookie.getValue().length()
                + ", and the config maxlength[maxLength * maxCount]="
                + maxLength * maxCount);
        return;
      }

      if (cookie.getValue().length() + cookie.getName().length() > maxLength) {
        for (int beginOffset = 0, i = 1;
            beginOffset < cookie.getValue().length();
            beginOffset += (maxLength - cookie.getName().length()), i++) {
          int endOffset =
              Math.min(
                  beginOffset + (maxLength - cookie.getName().length()),
                  cookie.getValue().length());
          com.hundsun.jresplus.web.nosession.cookie.Cookie harpCookie =
              new com.hundsun.jresplus.web.nosession.cookie.Cookie(
                  cookie.getName() + startNum,
                  cookie.getValue().substring(beginOffset, endOffset),
                  cookie.isHttpOnly(),
                  cookie.getMaxAge(),
                  cookie.getPath(),
                  cookie.getDomain());
          servletResponse.addCookie(harpCookie);
          startNum = i;
        }
      } else {
        servletResponse.addCookie(cookie);
      }
    } else {
      startNum = -1;
    }
    clearGarbage(
        servletRequest,
        servletResponse,
        cookie.getName(),
        startNum,
        cookie.getPath(),
        cookie.getDomain());
  }

Example #25

File: UISearchBasisPortlet.java Project: gregorysebert/basis

  public UISearchBasisPortlet() throws Exception {
    HttpServletResponse response = Util.getPortalRequestContext().getResponse();
    String url[] = Util.getPortalRequestContext().getRequestURI().split("BO:");
    String nameBO[] = url[1].split("/");
    Cookie cookie = new Cookie("dayCheck", "No");
    response.addCookie(cookie);
    cookie = new Cookie("boName", nameBO[0]);
    response.addCookie(cookie);

    addChild(UISimpleSearchForm.class, null, "simpleSearch");
    addChild(UIAdvancedSearchForm.class, null, "advancedSearch");
    addChild(UIResultForm.class, null, "Result");
    setRenderedChild("simpleSearch");
  }

Example #26

File: AdminController.java Project: stokito/stokito-homepage

 @RequestMapping(value = "/admin/login", method = RequestMethod.POST)
 public String logIn(
     @RequestParam(value = "accountName", required = false) String account,
     @RequestParam(value = "accPassword", required = false) String password,
     HttpServletResponse response) {
   if (account == null || password == null) {
     account = "new value";
     password = "******";
   }
   isLogin = true;
   response.addCookie(new Cookie("login", account));
   response.addCookie(new Cookie("password", password));
   return "redirect:/admin";
 }

Example #27

  private void addCookie(ExternalContext extContext, Flash flash) {
    // Do not update the cookie if redirect after post
    if (flash.isRedirect()) {
      return;
    }

    String thisRequestSequenceString = null;
    HttpServletResponse servletResponse = null;
    // PortletRequest portletRequest = null;
    Object thisRequestSequenceStringObj, response = extContext.getResponse();

    thisRequestSequenceStringObj =
        extContext.getRequestMap().get(Constants.FLASH_THIS_REQUEST_ATTRIBUTE_NAME);
    if (null == thisRequestSequenceStringObj) {
      return;
    }
    thisRequestSequenceString = thisRequestSequenceStringObj.toString();

    if (response instanceof HttpServletResponse) {
      servletResponse = (HttpServletResponse) response;
      Cookie cookie =
          new Cookie(Constants.FLASH_POSTBACK_REQUEST_ATTRIBUTE_NAME, thisRequestSequenceString);
      cookie.setMaxAge(-1);
      servletResponse.addCookie(cookie);
    } else {
      /**
       * *** portletRequest = (PortletRequest) request; // You can't add a cookie in portlet. //
       * http://wiki.java.net/bin/view/Portlet/JSR168FAQ#How_can_I_set_retrieve_a_cookie
       * portletRequest.getPortletSession().setAttribute(Constants.FLASH_POSTBACK_REQUEST_ATTRIBUTE_NAME,
       * thisRequestSequenceString, PortletSession.PORTLET_SCOPE); *******
       */
    }
  }

Example #28

File: CookieSessionHandler.java Project: Lightraven/spark

 private void addCookie(String cookieContent, HttpServletResponse response) {
   Cookie cookie = new Cookie(CookieSessionHandler.session, cookieContent);
   cookie.setSecure(SparkBase.isSecure());
   cookie.setHttpOnly(true);
   cookie.setMaxAge(-1);
   response.addCookie(cookie);
 }

Example #29

File: DownloadServlet.java Project: eloncsprof/ch07download

  /**
   * Gets user email address, first and last name, puts them into a User object, puts the Object
   * user into session scope, adds a Cookie called emailCookie with the email address as its value,
   * stores the away into a EmailList.txt file that is store in openshift in OPENSHIFT_DATA_DIR
   * folder and locally under WEB-INF.
   *
   * @param request provides parameters for user information
   * @param response add the cookie to the response
   * @return String representing URL to go to next
   */
  private String registerUser(HttpServletRequest request, HttpServletResponse response) {

    // get the user data
    String email = request.getParameter("email");
    String firstName = request.getParameter("firstName");
    String lastName = request.getParameter("lastName");

    // store the data in a User object
    User user = new User();
    user.setEmail(email);
    user.setFirstName(firstName);
    user.setLastName(lastName);

    // write the User object to a file
    // ServletContext sc = getServletContext();
    // String path = sc.getRealPath("/WEB-INF/EmailList.txt");
    String path = this.getActualFile();
    System.out.println("Path: " + path);
    UserIO.add(user, path);

    // store the User object as a session attribute
    HttpSession session = request.getSession();
    session.setAttribute("user", user);

    // add a cookie that stores the user's email to browser
    Cookie c = new Cookie("emailCookie", email);
    c.setMaxAge(60 * 60 * 24 * 365 * 2); // set age to 2 years
    c.setPath("/"); // allow entire app to access it
    response.addCookie(c);

    // create and return a URL for the appropriate Download page
    String productCode = (String) session.getAttribute("productCode");
    String url = "/" + productCode + "_download.jsp";
    return url;
  }

Example #30

File: CookieServlet.java Project: CS212-S16/lectures

  public void doGet(HttpServletRequest request, HttpServletResponse response) throws IOException {

    Cookie[] cookies = request.getCookies();

    int userID = -1;
    boolean newUser = false;

    // determine whether we've seen this user before
    if (cookies != null) {
      for (Cookie c : cookies) {
        if (c.getName().equals("userID")) {
          userID = Integer.parseInt(c.getValue());
          logger.log(Level.INFO, "Existing user: "******"userID", String.valueOf(userID));
      response.addCookie(c);
      logger.log(Level.INFO, "New user: "******"text/html");
    response.setStatus(HttpServletResponse.SC_OK);

    PrintWriter out = response.getWriter();

    String title = "Cookie Servlet";
    String bootstrapHeader =
        "<!DOCTYPE html>"
            + "<html lang=\"en\">\n"
            + "	<head>\n"
            + "		<title>"
            + title
            + "</title>\n"
            + "		<meta charset=\"utf-8\">\n"
            + "		<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">\n"
            + "		<link rel=\"stylesheet\" href=\"http://maxcdn.bootstrapcdn.com/bootstrap/3.3.5/css/bootstrap.min.css\">\n"
            + "		<script src=\"https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js\"></script>\n"
            + "		<script src=\"http://maxcdn.bootstrapcdn.com/bootstrap/3.3.5/js/bootstrap.min.js\"></script>\n"
            + "	</head>\n";

    String body =
        "	<body>\n"
            + "		<div class=\"container\">\n"
            + "			<p>Hello, "
            + (newUser ? "new" : "existing")
            + " user!</p>\n"
            + "		</div>\n"
            + "	</body>\n";

    String footer = "</html>";

    String page = bootstrapHeader + body + footer;
    out.println(page);
  }