/**
 * Handles a POST by using a request-derived value as an LDAP search filter.
 *
 * <p>Data flow: the "foo" value is read through {@code SeparateClassRequest}, passed through
 * {@code doSomething}, and the result becomes the filter argument of
 * {@code DirContext.search}. This is the LDAP injection (CWE-90) source-to-sink shape.
 * {@code doSomething} is defined outside this view, so whether it neutralises filter
 * metacharacters cannot be told from here; treat the filter as attacker-influenced until
 * that is confirmed.
 *
 * <p>Hardening note: a fixed filter template with {@code {0}} placeholders and the
 * {@code search(name, filterExpr, filterArgs, controls)} overload lets JNDI escape the
 * substituted value, instead of handing the whole expression to the caller.
 *
 * @param request the incoming request; its "foo" value feeds the filter
 * @param response unused by this method
 * @throws ServletException wrapping any {@code NamingException} raised by the directory call
 * @throws IOException declared by the servlet contract; not thrown by the visible code
 */
@Override
public void doPost(HttpServletRequest request, HttpServletResponse response)
        throws ServletException, IOException {
    final String fooValue =
            new org.owasp.benchmark.helpers.SeparateClassRequest(request).getTheValue("foo");

    // Everything after this point depends on what doSomething returns.
    final String filter = doSomething(fooValue);

    try {
        // NOTE(review): neither the context nor the enumeration returned by search() is
        // closed here; confirm whether Utils.getDirContext() hands out a shared context
        // before adding close() calls.
        final javax.naming.directory.DirContext ctx =
                org.owasp.benchmark.helpers.Utils.getDirContext();
        final javax.naming.directory.SearchControls controls =
                new javax.naming.directory.SearchControls();
        // Sink: the three-argument overload takes the filter string as-is.
        ctx.search("name", filter, controls);
    } catch (javax.naming.NamingException ldapFailure) {
        throw new ServletException(ldapFailure);
    }
} // end doPost
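/**
 * Handles a POST by using a request-derived value as an LDAP search filter expression.
 *
 * <p>Data flow: the first "foo" value from the parameter map is passed through
 * {@code new Test().doSomething}, and the result is used as the {@code filterExpr} argument of
 * {@code DirContext.search}. {@code Test} is defined outside this view, so whether it
 * neutralises filter metacharacters cannot be told from here.
 *
 * <p>Security-relevant detail: JNDI escapes only the values substituted for {@code {i}}
 * placeholders from {@code filterArgs}. Here the request value is the expression itself and
 * {@code filterArgs} holds the constants "a" and "b", so that escaping does not cover the
 * request value (LDAP injection, CWE-90, unless {@code doSomething} sanitises). The defensive
 * form is a constant expression with the request value passed inside {@code filterArgs}.
 *
 * @param request the incoming request; its "foo" parameter feeds the filter
 * @param response unused by this method
 * @throws ServletException wrapping any {@code NamingException} raised by the directory call
 * @throws IOException declared by the servlet contract; not thrown by the visible code
 */
@Override
public void doPost(HttpServletRequest request, HttpServletResponse response)
        throws ServletException, IOException {
    java.util.Map<String, String[]> map = request.getParameterMap();
    String param = "";
    // A non-empty map does not imply that "foo" is present: look the key up once and
    // guard against a missing entry or an empty array instead of dereferencing blindly.
    String[] fooValues = map.get("foo");
    if (fooValues != null && fooValues.length > 0) {
        param = fooValues[0];
    }

    String bar = new Test().doSomething(param);

    try {
        // NOTE(review): neither the context nor the enumeration returned by search() is
        // closed here; confirm whether Utils.getDirContext() hands out a shared context
        // before adding close() calls.
        javax.naming.directory.DirContext dc = org.owasp.benchmark.helpers.Utils.getDirContext();
        Object[] filterArgs = {"a", "b"};
        // Sink: bar is the filter expression; filterArgs never carries the request value.
        dc.search("name", bar, filterArgs, new javax.naming.directory.SearchControls());
    } catch (javax.naming.NamingException e) {
        throw new ServletException(e);
    }
} // end doPost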
/**
 * Handles a POST by using the raw "foo" request parameter as an LDAP search filter expression.
 *
 * <p>Data flow: the parameter is placed in a list between two constants, the first constant
 * is removed, and element 0 is read back, which is the request value again. The list
 * operations perform no validation or encoding, so the value that reaches
 * {@code DirContext.search} is exactly what the client sent (LDAP injection, CWE-90).
 *
 * <p>Security-relevant detail: JNDI escapes only the values substituted for {@code {i}}
 * placeholders from {@code filterArgs}. Here the request value is the expression itself and
 * {@code filterArgs} holds the constants "a" and "b". The defensive form is a constant
 * expression with the request value passed inside {@code filterArgs}.
 *
 * @param request the incoming request; its "foo" parameter becomes the filter
 * @param response unused by this method
 * @throws ServletException wrapping any {@code NamingException} raised by the directory call
 * @throws IOException declared by the servlet contract; not thrown by the visible code
 */
@Override
public void doPost(HttpServletRequest request, HttpServletResponse response)
        throws ServletException, IOException {
    final String fooValue = request.getParameter("foo");

    // Build ["safe", <request value>, "moresafe"]; the copy keeps the list resizable.
    final java.util.List<String> candidates =
            new java.util.ArrayList<>(java.util.Arrays.asList("safe", fooValue, "moresafe"));
    // Dropping the leading constant shifts the request value to index 0.
    candidates.remove(0);
    final String filter = candidates.get(0);

    try {
        // NOTE(review): neither the context nor the enumeration returned by search() is
        // closed here; confirm whether Utils.getDirContext() hands out a shared context
        // before adding close() calls.
        final javax.naming.directory.DirContext ctx =
                org.owasp.benchmark.helpers.Utils.getDirContext();
        final Object[] placeholderValues = {"a", "b"};
        final javax.naming.directory.SearchControls controls =
                new javax.naming.directory.SearchControls();
        // Sink: the unmodified request value is the filter expression.
        ctx.search("name", filter, placeholderValues, controls);
    } catch (javax.naming.NamingException ldapFailure) {
        throw new ServletException(ldapFailure);
    }
}
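/**
 * Handles a POST by running an LDAP search whose filter is always a fixed constant.
 *
 * <p>Data flow: the "foo" parameter is read, but the ternary below compares
 * {@code (7 * 18) + 106 = 232} against 200, which is always true, so {@code bar} is always
 * the literal "This_should_always_happen". The request value never reaches
 * {@code DirContext.search}. A taint tracker that does not evaluate the constant condition
 * will report LDAP injection (CWE-90) here, and that report is a false positive.
 *
 * <p>Maintenance caveat: if the constants change so that the condition can be false, the raw
 * request value becomes the filter expression, and the {@code filterArgs} constants provide
 * no escaping for it.
 *
 * @param request the incoming request; its "foo" parameter is read but not used in the search
 * @param response unused by this method
 * @throws ServletException wrapping any {@code NamingException} raised by the directory call
 * @throws IOException declared by the servlet contract; not thrown by the visible code
 */
@Override
public void doPost(HttpServletRequest request, HttpServletResponse response)
        throws ServletException, IOException {
    // getParameterValues returns null when the parameter is absent, so check for null
    // before reading length, and reuse the array instead of querying the request twice.
    String[] values = request.getParameterValues("foo");
    String param;
    if (values != null && values.length != 0) {
        param = values[0];
    } else {
        param = null;
    }

    String bar;

    // Simple ? condition that assigns constant to bar on true condition
    int i = 106;
    bar = (7 * 18) + i > 200 ? "This_should_always_happen" : param;

    try {
        // NOTE(review): neither the context nor the enumeration returned by search() is
        // closed here; confirm whether Utils.getDirContext() hands out a shared context
        // before adding close() calls.
        javax.naming.directory.DirContext dc = org.owasp.benchmark.helpers.Utils.getDirContext();
        Object[] filterArgs = {"a", "b"};
        // Sink: bar is the constant chosen above, not request data.
        dc.search("name", bar, filterArgs, new javax.naming.directory.SearchControls());
    } catch (javax.naming.NamingException e) {
        throw new ServletException(e);
    }
}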