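/**
 * Authentication gate: lets the request through only when the session carries a
 * {@code "login"} attribute; otherwise stores the requested URI in the session under
 * {@code "target"} and redirects to the login page.
 *
 * <p>Changes versus the previous version: the filter chain is no longer invoked after a
 * redirect has been sent (the protected resource used to be served anyway), and
 * {@link IOException}/{@link ServletException} propagate instead of being swallowed
 * in empty catch blocks. The session is obtained with {@code getSession(true)}; the old
 * {@code session == null} branch after {@code getSession()} can never be taken under the
 * Servlet API, so both paths are folded into one.
 *
 * @param request  incoming request; cast to {@link HttpServletRequest} as before
 * @param response outgoing response; cast to {@link HttpServletResponse} as before
 * @param chain    remainder of the filter chain, invoked only for authenticated sessions
 * @throws IOException      if the redirect cannot be written
 * @throws ServletException propagated from downstream filters or servlets
 */
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
    throws IOException, ServletException {
  HttpServletRequest httpRequest = (HttpServletRequest) request;
  HttpServletResponse httpResponse = (HttpServletResponse) response;

  String target = httpRequest.getRequestURI();
  HttpSession session = httpRequest.getSession(true);

  if (session.getAttribute("login") == null) {
    // Not authenticated yet: remember where the user wanted to go, then bounce to login.
    session.setAttribute("target", target);
    httpResponse.sendRedirect("/refrigerator/LoginPage");
    return; // continuing the chain here would serve the protected resource anyway
  }
  chain.doFilter(request, response);
}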
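/**
 * Handles the login form: authenticates an existing user by login/password or, when the
 * login is unknown, registers it with the supplied password and signs the new user in.
 * On success the user is stored in the session under {@code "users"} and the client is
 * redirected to the orders page; on failure a short "Access denied" page is written.
 *
 * <p>Changes versus the previous version: a request with a missing or blank
 * {@code login}/{@code password} is denied instead of creating a user with {@code null}
 * credentials; the password comparison is constant-time; any pre-login session is
 * invalidated before the authenticated one is created (session-fixation mitigation);
 * and no HTML is written to a response that is about to be redirected.
 *
 * <p>NOTE(review): {@code tmpUser.getPassword()} was compared directly with the submitted
 * value, which suggests passwords are stored in clear text — confirm against
 * {@code usersService}; a salted hash is the expected scheme.
 * NOTE(review): the "unknown login ⇒ register" path lets any client create an account
 * under any unused login name; confirm this self-registration is intended.
 *
 * @param request  form request carrying {@code login} and {@code password}
 * @param response redirected on success, otherwise receives the denial page
 * @throws ServletException never thrown here; retained for the overridden signature
 * @throws IOException      if the response cannot be written
 */
@Override
protected void doPost(HttpServletRequest request, HttpServletResponse response)
    throws ServletException, IOException {
  String login = request.getParameter("login");
  String password = request.getParameter("password");

  if (login == null || login.trim().isEmpty() || password == null || password.isEmpty()) {
    denyAccess(response);
    return;
  }

  Users user = usersService.findByLogin(login);
  if (user == null) {
    // Unknown login: self-registration path (see the review note above).
    user = new Users(login, password);
    usersService.saveUsers(user);
  } else if (!passwordMatches(user.getPassword(), password)) {
    denyAccess(response);
    return;
  }

  startAuthenticatedSession(request, user);
  response.sendRedirect("http://localhost:8080/orders");
}

/** Constant-time comparison of the stored and submitted passwords; {@code null} never matches. */
private static boolean passwordMatches(String stored, String submitted) {
  if (stored == null || submitted == null) {
    return false;
  }
  // Fully-qualified so no new file-level import is required.
  return java.security.MessageDigest.isEqual(
      stored.getBytes(java.nio.charset.StandardCharsets.UTF_8),
      submitted.getBytes(java.nio.charset.StandardCharsets.UTF_8));
}

/** Drops any pre-login session so a fixated session id is not promoted, then stores the user. */
private static void startAuthenticatedSession(HttpServletRequest request, Users user) {
  HttpSession existing = request.getSession(false);
  if (existing != null) {
    existing.invalidate();
  }
  request.getSession(true).setAttribute("users", user);
}

/** Writes the same minimal "Access denied" page the original emitted. */
private static void denyAccess(HttpServletResponse response) throws IOException {
  PrintWriter out = response.getWriter();
  out.print("<html><head><title>Page2</title></head><body>");
  out.print("Access denied :(");
  out.print("</body></html>");
}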
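/**
 * Echoes every request parameter (name and value(s)) back as an HTML table.
 *
 * <p>Parameter names and values are client-controlled, so they are HTML-escaped before
 * being written; the previous version wrote them verbatim (reflected XSS). The page head
 * comes from {@code ServletUtilities.headWithTitle}, which is outside this view and is
 * assumed to emit the opening {@code <html>/<head>} markup.
 *
 * @param request  request whose parameters are listed
 * @param response receives the HTML page
 * @throws ServletException never thrown here; retained for the overridden signature
 * @throws IOException      if the response writer cannot be obtained
 */
public void doGet(HttpServletRequest request, HttpServletResponse response)
    throws ServletException, IOException {
  response.setContentType("text/html");
  PrintWriter out = response.getWriter();
  String title = "Reading All Request Parameters";
  out.println(
      ServletUtilities.headWithTitle(title)
          + "<BODY BGCOLOR=\"#FDF5E6\">\n"
          + "<H1 ALIGN=CENTER>" + title + "</H1>\n"
          + "<TABLE BORDER=1 ALIGN=CENTER>\n"
          + "<TR BGCOLOR=\"#FFAD00\">\n"
          + "<TH>Parameter Name<TH>Parameter Value(s)");

  Enumeration<String> paramNames = request.getParameterNames();
  while (paramNames.hasMoreElements()) {
    String paramName = paramNames.nextElement();
    out.println("<TR><TD>" + escapeHtml(paramName) + "\n<TD>");
    String[] paramValues = request.getParameterValues(paramName);
    if (paramValues == null || paramValues.length == 0) {
      // Not expected for a name obtained from getParameterNames(); guards the index below.
      out.print("<I>No Value</I>");
    } else if (paramValues.length == 1) {
      String paramValue = paramValues[0];
      if (paramValue.isEmpty()) {
        out.print("<I>No Value</I>");
      } else {
        out.print(escapeHtml(paramValue));
      }
    } else {
      out.println("<UL>");
      for (String value : paramValues) {
        out.println("<LI>" + escapeHtml(value));
      }
      out.println("</UL>");
    }
  }
  out.println("</TABLE>\n</BODY></HTML>");
}

/** Escapes the characters that can break out of HTML text or a quoted attribute. */
private static String escapeHtml(String s) {
  if (s == null) {
    return "";
  }
  StringBuilder sb = new StringBuilder(s.length() + 16);
  for (int i = 0; i < s.length(); i++) {
    char c = s.charAt(i);
    switch (c) {
      case '&': sb.append("&amp;"); break;
      case '<': sb.append("&lt;"); break;
      case '>': sb.append("&gt;"); break;
      case '"': sb.append("&quot;"); break;
      case '\'': sb.append("&#39;"); break;
      default: sb.append(c);
    }
  }
  return sb.toString();
}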
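/**
 * Renders a small Google Accounts status page: who is signed in (with admin flag and a
 * sign-out link) or a sign-in link, a menu of the demo paths, and the current UTC time.
 *
 * <p>Changes versus the previous version: the nickname (presumably user-chosen text) is
 * HTML-escaped before being written, and the timestamp uses a 24-hour clock with
 * millisecond precision — the old pattern {@code hh:mm:ss.SSSSSS} printed an ambiguous
 * 12-hour value with milliseconds zero-padded to six digits, which reads as microseconds.
 *
 * @param req  used only for the return URI handed to the login link
 * @param resp receives the HTML
 * @throws IOException if the response writer cannot be obtained
 */
public void doGet(HttpServletRequest req, HttpServletResponse resp) throws IOException {
  resp.setContentType("text/html");
  PrintWriter out = resp.getWriter();
  UserService userService = UserServiceFactory.getUserService();

  if (userService.isUserLoggedIn()) {
    User user = userService.getCurrentUser();
    out.println("<p>You are signed in as " + escapeHtml(user.getNickname()) + ". ");
    if (userService.isUserAdmin()) {
      out.println("You are an administrator. ");
    }
    out.println("<a href=\"" + userService.createLogoutURL("/") + "\">Sign out</a>.</p>");
  } else {
    out.println(
        "<p>You are not signed in to Google Accounts. "
            + "<a href=\"" + userService.createLoginURL(req.getRequestURI()) + "\">Sign in</a>.</p>");
  }

  out.println(
      "<ul>"
          + "<li><a href=\"/\">/</a></li>"
          + "<li><a href=\"/required\">/required</a></li>"
          + "<li><a href=\"/admin\">/admin</a></li>"
          + "</ul>");

  // SimpleDateFormat is not thread-safe; a fresh instance per request is deliberate.
  SimpleDateFormat fmt = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss.SSS");
  fmt.setTimeZone(new SimpleTimeZone(0, "")); // raw offset 0 == UTC
  out.println("<p>The time is: " + fmt.format(new Date()) + "</p>");
}

/** Escapes the characters that can break out of HTML text or a quoted attribute. */
private static String escapeHtml(String s) {
  if (s == null) {
    return "";
  }
  StringBuilder sb = new StringBuilder(s.length() + 16);
  for (int i = 0; i < s.length(); i++) {
    char c = s.charAt(i);
    switch (c) {
      case '&': sb.append("&amp;"); break;
      case '<': sb.append("&lt;"); break;
      case '>': sb.append("&gt;"); break;
      case '"': sb.append("&quot;"); break;
      case '\'': sb.append("&#39;"); break;
      default: sb.append(c);
    }
  }
  return sb.toString();
}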
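/**
 * Attempts to send an internal server error HTTP error, if possible. Otherwise simply pushes the
 * exception message to the output stream.
 *
 * <p>The error page is now written in the charset the response actually declares
 * ({@code origResponse.getCharacterEncoding()}); it used to be hard-wired to ISO-8859-1 while
 * the {@code Content-Type} header promised UTF-8, which garbled non-Latin characters in the URI
 * or the exception text. The request URI is HTML-escaped because it is client-supplied and is
 * placed in the page body.
 *
 * <p>NOTE(review): {@code origResponse.getOutputStream()} throws {@code IllegalStateException}
 * if {@code getWriter()} was already used on this response; the filter that wraps
 * {@code origResponse} is outside this view, so confirm which of the two the normal path uses.
 * NOTE(review): {@code serializeException} (not visible here) appears to write exception
 * details to the client; consider limiting that in production deployments.
 *
 * @param message Message to be printed to the logger and to the output stream.
 * @param t Exception that caused the error.
 */
protected void filterError(String message, Throwable t) {
  log.error("XSLT filter error: " + message, t);

  if (!origResponse.isCommitted()) {
    // Reset the buffer and previous status code.
    origResponse.reset();
    origResponse.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
    origResponse.setContentType("text/html; charset=UTF-8");
  }
  // Fresh or already committed: push the error page to the output stream either way.
  try {
    final OutputStream os = origResponse.getOutputStream();
    // Use the charset the response advertises; the Servlet spec defaults it to ISO-8859-1.
    String charset = origResponse.getCharacterEncoding();
    if (charset == null) {
      charset = "ISO-8859-1";
    }
    final PrintWriter osw = new PrintWriter(new OutputStreamWriter(os, charset));
    osw.write("<html><body><!-- " + XSLTFilterConstants.ERROR_TOKEN + " -->");
    osw.write("<h1 style=\"color: red; margin-top: 1em;\">");
    osw.write("Internal server exception");
    osw.write("</h1>");
    osw.write("<b>URI</b>: " + escapeHtml(origRequest.getRequestURI()) + "\n<br/><br/>");
    serializeException(osw, t);
    if (t instanceof ServletException && ((ServletException) t).getRootCause() != null) {
      osw.write("<br/><br/><h2>ServletException root cause:</h2>");
      serializeException(osw, ((ServletException) t).getRootCause());
    }
    osw.write("</body></html>");
    osw.flush();
  } catch (IOException e) {
    // Not much to do in such case (connection broken most likely).
    log.debug("Filter error could not be returned to client.");
  }
}

/** Escapes the characters that can break out of HTML text or a quoted attribute. */
private static String escapeHtml(String s) {
  if (s == null) {
    return "";
  }
  StringBuilder sb = new StringBuilder(s.length() + 16);
  for (int i = 0; i < s.length(); i++) {
    char c = s.charAt(i);
    switch (c) {
      case '&': sb.append("&amp;"); break;
      case '<': sb.append("&lt;"); break;
      case '>': sb.append("&gt;"); break;
      case '"': sb.append("&quot;"); break;
      case '\'': sb.append("&#39;"); break;
      default: sb.append(c);
    }
  }
  return sb.toString();
}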
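/**
 * JSON endpoint: reports whether an operator with the numeric {@code code} request parameter
 * exists, as {@code {"success":true,"found":<bool>}}.
 *
 * <p>Changes versus the previous version: the content type is set before the writer is
 * obtained; a missing or non-numeric {@code code} now yields a {@code success:false} document
 * with HTTP 400 instead of an empty 200 (the {@code NumberFormatException} used to fall into
 * {@code catch (Exception)}); the error message is JSON-escaped so exception text cannot break
 * the document; and the unused {@code Operator} instance is no longer created. Unexpected
 * runtime failures are still reported to stdout, as before, but now produce a 500 with a
 * generic message rather than an empty 200.
 *
 * @param rq carries the {@code code} parameter
 * @param rs receives the JSON body
 */
public void doGet(HttpServletRequest rq, HttpServletResponse rs) {
  PrintWriter pw;
  try {
    rs.setContentType("application/json");
    pw = rs.getWriter();
  } catch (IOException ioe) {
    System.out.println(ioe); // no writer: nothing further can be reported to the client
    return;
  }

  try {
    int code = parseCode(rq.getParameter("code"));
    boolean found = new LoyaltyApplication().operatorExists(code);
    pw.println("{");
    pw.println("\"success\":true,");
    pw.println("\"found\":" + found);
    pw.println("}");
  } catch (ApplicationException ae) {
    System.out.println(ae);
    writeFailure(pw, String.valueOf(ae));
  } catch (IllegalArgumentException bad) {
    rs.setStatus(HttpServletResponse.SC_BAD_REQUEST);
    writeFailure(pw, bad.getMessage());
  } catch (RuntimeException re) {
    System.out.println(re);
    rs.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
    writeFailure(pw, "internal error"); // do not echo internal exception text to the client
  }
}

/** Parses the {@code code} parameter, rejecting a missing or non-numeric value. */
private static int parseCode(String raw) {
  if (raw == null || raw.trim().isEmpty()) {
    throw new IllegalArgumentException("missing parameter: code");
  }
  try {
    return Integer.parseInt(raw.trim());
  } catch (NumberFormatException nfe) {
    throw new IllegalArgumentException("parameter code is not an integer", nfe);
  }
}

/** Writes the {@code success:false} document with a properly quoted error message. */
private static void writeFailure(PrintWriter pw, String errorMessage) {
  pw.println("{");
  pw.println("\"success\":false,");
  pw.println("\"errorMessage\":" + jsonQuote(errorMessage));
  pw.println("}");
}

/** Quotes {@code s} as a JSON string literal (quotes, backslashes and control characters escaped). */
private static String jsonQuote(String s) {
  if (s == null) {
    return "null";
  }
  StringBuilder sb = new StringBuilder(s.length() + 2).append('"');
  for (int i = 0; i < s.length(); i++) {
    char c = s.charAt(i);
    switch (c) {
      case '"': sb.append("\\\""); break;
      case '\\': sb.append("\\\\"); break;
      case '\n': sb.append("\\n"); break;
      case '\r': sb.append("\\r"); break;
      case '\t': sb.append("\\t"); break;
      default:
        if (c < 0x20) {
          sb.append(String.format("\\u%04x", (int) c));
        } else {
          sb.append(c);
        }
    }
  }
  return sb.append('"').toString();
}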
/**
 * Renders the admin page: the current race, a "go to next race" form, a "lock/unlock
 * lineups" form, and the message left by the last admin operation.
 *
 * <p>NOTE(review): both forms POST state-changing actions identified only by a hidden
 * {@code action} field, with no anti-CSRF token visible here; the POST handler is outside
 * this method, so confirm the protection lives there. {@code LAST_OPERATION_MESSAGE} is a
 * shared static read without synchronisation; its writer is not visible here.
 *
 * @param req  unused
 * @param resp receives the HTML
 * @throws IOException if the response writer cannot be obtained
 */
public void doGet(HttpServletRequest req, HttpServletResponse resp) throws IOException {
  resp.setContentType("text/html");
  PrintWriter page = resp.getWriter();

  page.println("<a href='/'>Back to home</a><br/>");
  page.println("This is the admin page for making system updates.");
  page.println("Please expect the system to take about 15 seconds to perform these actions.");

  NascarConfig config = NascarConfigSingleton.get();
  Race race = config.getRace();
  page.println(
      String.format(
          "<h3>Current race: %d - %d (%s)</h3>",
          race.getYear(), race.getWeek(), race.getRaceName()));

  // Form 1: advance to the next race.
  page.println("<form method='POST'>");
  page.println(
      "<p>Click the following magic button after the race results are in to prepare the system for the new week.</p>");
  page.println("<input type='hidden' name='action' value='nextrace'/>");
  page.println("<button type='submit'>Calculate Results and go to next Race</button></form>");

  // Form 2: toggle lineup editing; wording follows the current flag.
  page.println("<form method='POST'>");
  page.println(config.getCanEditLineup() ? "Lineups are unlocked" : "Lineups are locked");
  page.println("<input type='hidden' name='action' value='toggleeditable'/>");
  String toggleLabel = config.getCanEditLineup() ? "Lock lineups" : "Unlock lineups";
  page.println("<button type='submit'>" + toggleLabel + "</button></form>");

  page.println("<BR/>Last operation: " + LAST_OPERATION_MESSAGE);
}
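/**
 * Saves user settings: a POST to {@code /} merges every request parameter into the caller's
 * settings map; any other path is delegated to {@code super.doPost}.
 *
 * <p>Changes versus the previous version: {@code getPathInfo()} may return {@code null},
 * which used to throw NPE; the session is looked up with {@code getSession(false)} so an
 * unauthenticated request does not create one (the old {@code session == null} check after
 * {@code getSession()} could never fire); and {@code Enumeration} is parameterised.
 *
 * <p>NOTE(review): every parameter name is stored as a settings key with no allow-list;
 * confirm {@code saveUserSettingsMap} (outside this view) copes with arbitrary keys. The raw
 * {@code Map} type is kept because {@code loadUserSettingsMap}'s declared type is not visible.
 *
 * @param req  the username comes from the session, never from the client
 * @param resp 401 when there is no authenticated session or no settings map for the user
 * @throws ServletException from {@code super.doPost}
 * @throws IOException      from {@code super.doPost}
 */
protected void doPost(HttpServletRequest req, HttpServletResponse resp)
    throws ServletException, IOException {
  if (!"/".equals(req.getPathInfo())) {
    super.doPost(req, resp);
    return;
  }

  HttpSession session = req.getSession(false);
  if (session == null) {
    resp.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
    return;
  }
  String username = (String) session.getAttribute("username");
  if (username == null) {
    resp.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
    return;
  }
  Map userMap = loadUserSettingsMap(username);
  if (userMap == null) {
    resp.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
    return;
  }

  Enumeration<String> parameterNames = req.getParameterNames();
  while (parameterNames.hasMoreElements()) {
    String parameterName = parameterNames.nextElement();
    userMap.put(parameterName, req.getParameter(parameterName));
  }
  saveUserSettingsMap(username, userMap);
}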
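/**
 * JSON endpoint that removes the operator identified by the numeric {@code code} request
 * parameter and answers {@code {"success":true,"message":"removed"}}.
 *
 * <p>Changes versus the previous version: the content type is set before the writer is
 * obtained; a missing or non-numeric {@code code} yields a {@code success:false} document
 * with HTTP 400 instead of an uncaught {@code NumberFormatException}; and the error message
 * is JSON-escaped so exception text cannot break the document.
 *
 * <p>NOTE(review): this is a destructive operation triggered by a GET, so it is reachable
 * through a plain link, prefetch or a cross-site image tag; authorisation and CSRF handling
 * are not visible in this method. A POST/DELETE with a token would be the usual shape.
 *
 * @param rq carries the {@code code} parameter
 * @param rs receives the JSON body
 */
public void doGet(HttpServletRequest rq, HttpServletResponse rs) {
  PrintWriter pw;
  try {
    rs.setContentType("application/json");
    pw = rs.getWriter();
  } catch (IOException ioe) {
    System.out.println(ioe); // no writer: nothing further can be reported to the client
    return;
  }

  try {
    int code = parseCode(rq.getParameter("code"));
    new LoyaltyApplication().removeOperator(code);
    pw.println("{");
    pw.println("\"success\":true,");
    pw.println("\"message\":\"removed\"");
    pw.println("}");
  } catch (ApplicationException ae) {
    System.out.println(ae);
    writeFailure(pw, String.valueOf(ae));
  } catch (IllegalArgumentException bad) {
    rs.setStatus(HttpServletResponse.SC_BAD_REQUEST);
    writeFailure(pw, bad.getMessage());
  }
}

/** Parses the {@code code} parameter, rejecting a missing or non-numeric value. */
private static int parseCode(String raw) {
  if (raw == null || raw.trim().isEmpty()) {
    throw new IllegalArgumentException("missing parameter: code");
  }
  try {
    return Integer.parseInt(raw.trim());
  } catch (NumberFormatException nfe) {
    throw new IllegalArgumentException("parameter code is not an integer", nfe);
  }
}

/** Writes the {@code success:false} document with a properly quoted error message. */
private static void writeFailure(PrintWriter pw, String errorMessage) {
  pw.println("{");
  pw.println("\"success\":false,");
  pw.println("\"errorMessage\":" + jsonQuote(errorMessage));
  pw.println("}");
}

/** Quotes {@code s} as a JSON string literal (quotes, backslashes and control characters escaped). */
private static String jsonQuote(String s) {
  if (s == null) {
    return "null";
  }
  StringBuilder sb = new StringBuilder(s.length() + 2).append('"');
  for (int i = 0; i < s.length(); i++) {
    char c = s.charAt(i);
    switch (c) {
      case '"': sb.append("\\\""); break;
      case '\\': sb.append("\\\\"); break;
      case '\n': sb.append("\\n"); break;
      case '\r': sb.append("\\r"); break;
      case '\t': sb.append("\\t"); break;
      default:
        if (c < 0x20) {
          sb.append(String.format("\\u%04x", (int) c));
        } else {
          sb.append(c);
        }
    }
  }
  return sb.append('"').toString();
}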
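/**
 * Creates an account for the user held in the session (attribute {@code "theName"}) from the
 * submitted name, date of birth, address and e-mail, stores a status message in the session
 * and redirects to {@code accountCreationPage.jsp}.
 *
 * <p>Changes versus the previous version: commented-out code and the unused writer are gone,
 * and the session attributes are set <em>before</em> the redirect so the status is present
 * by the time the redirected request arrives.
 *
 * <p>NOTE(review): nothing here checks that {@code "theName"} is set, i.e. that the caller is
 * logged in; unless a filter enforces it, this creates accounts with a {@code null} user id.
 * The broad {@code catch (Exception)} is kept because {@code DbCommunication.accountCreation}
 * is outside this view and its failure modes are unknown; as before it prints the exception
 * and leaves an empty response.
 *
 * @param request  form request with {@code name}, {@code dob}, {@code address}, {@code email}
 * @param response redirected to the account-creation page
 * @throws ServletException never thrown here; retained for the overridden signature
 * @throws IOException      never thrown here (caught below); retained for the signature
 */
public void doPost(HttpServletRequest request, HttpServletResponse response)
    throws ServletException, IOException {
  try {
    response.setContentType("text/html");

    String name = request.getParameter("name");
    String dob = request.getParameter("dob");
    String address = request.getParameter("address");
    String email = request.getParameter("email");

    HttpSession session = request.getSession(true);
    String userid = (String) session.getAttribute("theName");

    DbCommunication dbComm = new DbCommunication();
    int accNo = dbComm.accountCreation(name, dob, address, email, userid);
    String accMsg = "Account created successfully. Account number is:" + accNo;

    // Flash-style attributes go in first; sendRedirect commits the response.
    session.setAttribute("AccCreationalMsgStatus", "set");
    session.setAttribute("AccCreationalMsg", accMsg);
    response.sendRedirect("accountCreationPage.jsp");
  } catch (Exception e) {
    System.out.println(e);
  }
}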
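/**
 * Dispatches a multipart request to a static method named by the extra path:
 * {@code /a/b/Class.method} → {@code a.b.Class.method(MultiPartMap)}. Form fields are read as
 * UTF-8 strings and uploads as {@link FileItem}s into the map; the method's result is written
 * back (via {@code String.valueOf}) as HTML.
 *
 * <p>Changes versus the previous version: a missing path, or one with no {@code .} separator,
 * empty class part or empty method part, is rejected up front (it used to surface as NPE or
 * {@code StringIndexOutOfBoundsException}); the dead {@code method == null} check
 * ({@code getMethod} throws instead of returning null) is replaced by a check that the resolved
 * method is static, since it is invoked with a {@code null} receiver; and a {@code null} result
 * no longer throws NPE.
 *
 * <p>NOTE(review): the class name still comes straight from the URL
 * ({@code Class.forName(cname)}), so any class on the classpath exposing a public static method
 * that accepts a {@code MultiPartMap} is reachable by whoever can reach this servlet (unsafe
 * reflection, CWE-470). The caller of this private method is outside this view; {@code cname}
 * should be checked against an explicit allow-list of handler classes, or a fixed package
 * prefix, before {@code Class.forName} is called. Uploads are also buffered whole in memory
 * with no size limit visible here.
 *
 * @throws IllegalArgumentException if the path does not have the {@code /<class>.<method>} shape
 * @throws Exception                anything thrown by multipart parsing, lookup or the target
 */
private void callMethodForMultiPart(HttpServletRequest req, HttpServletResponse resp)
    throws Exception {
  String pinfo = req.getPathInfo();
  int pos = pinfo == null ? -1 : pinfo.indexOf('.');
  // pos <= 1 covers null/absent '.', and '.' right after the leading '/' (empty class name).
  if (pos <= 1 || pos == pinfo.length() - 1) {
    throw new IllegalArgumentException("path must be /<class-name>.<method-name>");
  }
  String cname = pinfo.substring(1, pos).replace('/', '.');
  String mname = pinfo.substring(pos + 1);

  MultiPartMap map = new MultiPartMap();
  FileItemIterator ite = new FileUpload().getItemIterator(req);
  while (ite.hasNext()) {
    FileItemStream item = ite.next();
    if (item.isFormField()) {
      map.put(item.getFieldName(), IOUtil.streamToString(item.openStream(), "UTF-8"));
    } else {
      FileItem val =
          new FileItem(
              item.getFileName(), item.getContentType(), IOUtil.streamToBytes(item.openStream()));
      map.put(item.getFieldName(), val);
    }
  }

  Class<?> clazz = Class.forName(cname);
  Method method = clazz.getMethod(mname, MultiPartMap.class); // NoSuchMethodException if absent
  // Fully-qualified so no new file-level import is required.
  if (!java.lang.reflect.Modifier.isStatic(method.getModifiers())) {
    throw new NoSuchMethodException("Not found static method " + mname + "(MultiPartMap)");
  }
  Object result = method.invoke(null, map);
  resp.setContentType(MIME_HTML + ";charset=utf-8");
  resp.getWriter().write(String.valueOf(result));
}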
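/**
 * Echoes the request method, URI, protocol and every request header as an HTML table.
 *
 * <p>Header names and values are client-controlled (for example {@code User-Agent} or
 * {@code Referer}) and were previously written verbatim into the page, a reflected XSS;
 * they are now HTML-escaped, as are the method, URI and protocol. {@code Enumeration} is
 * parameterised and the concatenations inside {@code append} are split into chained appends.
 *
 * <p>Only the first value of a multi-valued header is shown ({@code getHeader}), as before.
 * {@code out.close()} on the container's writer is kept from the original.
 *
 * @param request  request whose headers are listed
 * @param response receives the HTML page
 * @throws ServletException never thrown here; retained for the overridden signature
 * @throws IOException      if the response writer cannot be obtained
 */
public void doGet(HttpServletRequest request, HttpServletResponse response)
    throws ServletException, IOException {
  response.setContentType("text/html");
  PrintWriter out = response.getWriter();
  String title = "Showing Request Headers";

  StringBuilder sb = new StringBuilder();
  sb.append("<html>\n<head>\n");
  sb.append("<title>").append(title).append("</title>\n");
  sb.append("</head>\n");
  sb.append("<body bgcolor='#FDF5E6'>\n");
  sb.append("<h1 align='center'>").append(title).append("</h1>\n");
  sb.append("<b> Request Method: </b>").append(escapeHtml(request.getMethod())).append("<br>\n");
  sb.append("<b> Request URI: </b>").append(escapeHtml(request.getRequestURI())).append("<br>\n");
  sb.append("<b> Request Protocol: </b>").append(escapeHtml(request.getProtocol())).append("<br>\n");
  sb.append("<table border=1 align='center'>\n");
  sb.append("<tr bgcolor='#FFAD00'>\n");
  sb.append("<th> Header Name </th><th> Header Value </th></tr>\n");

  Enumeration<String> headerNames = request.getHeaderNames();
  while (headerNames.hasMoreElements()) {
    String headerName = headerNames.nextElement();
    sb.append("<tr><td>").append(escapeHtml(headerName)).append("</td>");
    sb.append("<td>").append(escapeHtml(request.getHeader(headerName))).append("</td></tr>\n");
  }
  sb.append("</table>\n");
  sb.append("</body></html>");
  out.println(sb.toString());
  out.close();
}

/** Escapes the characters that can break out of HTML text or a quoted attribute. */
private static String escapeHtml(String s) {
  if (s == null) {
    return "";
  }
  StringBuilder sb = new StringBuilder(s.length() + 16);
  for (int i = 0; i < s.length(); i++) {
    char c = s.charAt(i);
    switch (c) {
      case '&': sb.append("&amp;"); break;
      case '<': sb.append("&lt;"); break;
      case '>': sb.append("&gt;"); break;
      case '"': sb.append("&quot;"); break;
      case '\'': sb.append("&#39;"); break;
      default: sb.append(c);
    }
  }
  return sb.toString();
}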
/* goodG2B() - use goodsource and badsink by changing the "if" so that
 * both branches use the GoodSource */
/*
 * Test-case variant in the good/bad source-and-sink idiom (the goodG2B naming and the
 * FIX / POTENTIAL FLAW markers): a constant source is paired with the unescaped-redirect
 * sink. The code is kept exactly as written so the variant retains its meaning for the
 * analyzers it is aimed at; only comments were added.
 */
private void goodG2B(HttpServletRequest request, HttpServletResponse response) throws Throwable {
  String data;
  if (IO.staticReturnsTrueOrFalse()) {
    /* FIX: Use a hardcoded string */
    data = "foo";
  } else {
    /* FIX: Use a hardcoded string */
    data = "foo";
  }
  if (data != null) {
    /* This prevents \r\n (and other chars) and should prevent incidentals such
     * as HTTP Response Splitting and HTTP Header Injection. */
    /* Only the parse result matters; 'uri' is never read. Note that a syntactically valid
     * URI can still be an absolute URL to another host, so this check is not an
     * open-redirect defence on its own. */
    URI uri;
    try {
      uri = new URI(data);
    } catch (URISyntaxException exceptURISyntax) {
      response.getWriter().write("Invalid redirect URL");
      return;
    }
    /* POTENTIAL FLAW: redirect is sent verbatim; escape the string to prevent ancillary issues like XSS, Response splitting etc */
    response.sendRedirect(data);
    return;
  }
}
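/**
 * Renders the "UpdateUser" form: header include, a one-field form posting to
 * {@code ./updateUser}, then the footer include.
 *
 * <p>Changes versus the previous version: the commented-out lookup code is removed, and the
 * best-effort catch prints the exception itself rather than {@code getMessage()}, which may
 * be {@code null}. The broad catch is deliberate and mirrors the original.
 *
 * <p>NOTE(review): {@code userObj} and {@code tmsManager} are instance fields reassigned on
 * every request. A servlet instance is shared by concurrent requests, so any other method
 * reading those fields sees whichever request wrote last; nothing in this method reads them.
 * The emitted markup never closes the {@code <form>} element; reproduced as is.
 *
 * @param request  used for the header/footer dispatchers
 * @param response receives the HTML
 * @throws IOException      from the dispatcher includes or {@code getWriter}
 * @throws ServletException from the dispatcher includes
 */
public void service(HttpServletRequest request, HttpServletResponse response)
    throws IOException, ServletException {
  response.setContentType("text/html");
  PrintWriter out = response.getWriter();
  try {
    userObj = new User();
    tmsManager = new TMSManager();

    RequestDispatcher header = request.getRequestDispatcher("./header");
    header.include(request, response);

    out.println("<html><head><title>UpdateUser</title></head>");
    out.println("<body onload=onSubmit() bgcolor =\"#ffcc00\">");
    out.println("<form method =\"POST\" action =\"./updateUser\" ><br><br><br>");
    out.println("<table border = 1 width = \"40%\" align = \"center\" bgcolor = \"#bbccff\">");
    out.println("<caption><b>UpdateUser</b></caption>");
    out.println("<tr><td style = font face: verdana>Enter User ID</td>");
    out.println("<td><input type = \"text\" name = \"user_id\" ></td></tr>");
    out.println(
        "<tr><td colspan = 2 align = \"center\"><input type = \"submit\" name = \"Submit\" value = \"Submit\">");
    out.println("<input type = \"Reset\" name = \"Reset\" value = \"Clear\"></td></tr>");
    out.println("</table>");
    out.println("</body></html>");
  } catch (Exception e) {
    System.out.println(e);
  }
  RequestDispatcher footer = request.getRequestDispatcher("./footer");
  footer.include(request, response);
}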
/**
 * Fixture response: emits the headers {@code A: a}, {@code Content-Length: 0} and
 * {@code B: b}, in that order, with an empty body.
 *
 * @param req unused
 * @param res receives the three headers
 */
public void service(HttpServletRequest req, HttpServletResponse res)
    throws IOException, ServletException {
  // The order presumably matters to whatever test reads this response, so it is kept as written.
  final String[][] headers = {
    {"A", "a"},
    {"Content-Length", "0"},
    {"B", "b"},
  };
  for (String[] header : headers) {
    res.setHeader(header[0], header[1]);
  }
}
/*
 * bad(): test-case method in the good/bad source-and-sink idiom (FIX / POTENTIAL FLAW
 * markers). The source is a cookie value (client-controlled) and, on one branch, the sink
 * writes it into a Location header without encoding — the header-injection case the
 * marker calls out. The code is kept exactly as written; only comments were added.
 * Note that when no cookie is present 'data' is null and the encoding branch will throw
 * NullPointerException from URLEncoder.encode. The "UTF-16" charset is the test's choice;
 * UTF-8 is what a real handler would use.
 */
public void bad(HttpServletRequest request, HttpServletResponse response) throws Throwable {
  String data;
  if (IO.static_returns_t_or_f()) {
    Logger log_bad = Logger.getLogger("local-logger"); // unused; part of the fixture
    /* read parameter from cookie */
    Cookie cookieSources[] = request.getCookies();
    if (cookieSources != null) {
      data = cookieSources[0].getValue();
    } else {
      data = null;
    }
  } else {
    java.util.logging.Logger log_good = java.util.logging.Logger.getLogger("local-logger");
    /* FIX: Use a hardcoded string */
    data = "foo";
  }
  if (IO.static_returns_t_or_f()) {
    /* POTENTIAL FLAW: Input from file not verified */
    response.addHeader("Location", "/author.jsp?lang=" + data);
  } else {
    /* FIX: use URLEncoder.encode to hex-encode non-alphanumerics */
    data = URLEncoder.encode(data, "UTF-16");
    response.addHeader("Location", "/author.jsp?lang=" + data);
  }
}
/* goodB2G() - use badsource and goodsink by changing the second "if" so that both branches use the GoodSink */
/*
 * Test-case variant in the good/bad source-and-sink idiom: both source branches read a
 * cookie value, and both sink branches URL-encode it before placing it in the Location
 * header. The code is kept exactly as written; only comments were added. With no cookie
 * present 'data' is null and URLEncoder.encode throws NullPointerException.
 */
private void goodB2G(HttpServletRequest request, HttpServletResponse response) throws Throwable {
  String data;
  if (IO.static_returns_t_or_f()) {
    Logger log_bad = Logger.getLogger("local-logger"); // unused; part of the fixture
    /* read parameter from cookie */
    Cookie cookieSources[] = request.getCookies();
    if (cookieSources != null) {
      data = cookieSources[0].getValue();
    } else {
      data = null;
    }
  } else {
    Logger log_bad = Logger.getLogger("local-logger"); // unused; part of the fixture
    /* read parameter from cookie */
    Cookie cookieSources[] = request.getCookies();
    if (cookieSources != null) {
      data = cookieSources[0].getValue();
    } else {
      data = null;
    }
  }
  if (IO.static_returns_t_or_f()) {
    /* FIX: use URLEncoder.encode to hex-encode non-alphanumerics */
    data = URLEncoder.encode(data, "UTF-16");
    response.addHeader("Location", "/author.jsp?lang=" + data);
  } else {
    /* FIX: use URLEncoder.encode to hex-encode non-alphanumerics */
    data = URLEncoder.encode(data, "UTF-16");
    response.addHeader("Location", "/author.jsp?lang=" + data);
  }
}
/* goodG2B2() - use goodsource and badsink by reversing statements in if */
/*
 * Test-case variant in the good/bad source-and-sink idiom: a constant source (the else
 * branch is dead by construction, as its marker says) paired with the unescaped-redirect
 * sink. The code is kept exactly as written; only comments were added.
 */
private void goodG2B2(HttpServletRequest request, HttpServletResponse response) throws Throwable {
  String data;
  if (IO.STATIC_FINAL_TRUE) {
    /* FIX: Use a hardcoded string */
    data = "foo";
  } else {
    /* INCIDENTAL: CWE 561 Dead Code, the code below will never run
     * but ensure data is inititialized before the Sink to avoid compiler errors */
    data = null;
  }
  if (data != null) {
    /* This prevents \r\n (and other chars) and should prevent incidentals such
     * as HTTP Response Splitting and HTTP Header Injection. */
    /* Only the parse result matters; 'uri' is never read. A syntactically valid URI can
     * still point at another host, so this is not an open-redirect defence on its own. */
    URI uri;
    try {
      uri = new URI(data);
    } catch (URISyntaxException exceptURISyntax) {
      response.getWriter().write("Invalid redirect URL");
      return;
    }
    /* POTENTIAL FLAW: redirect is sent verbatim; escape the string to prevent ancillary issues like XSS, Response splitting etc */
    response.sendRedirect(data);
    return;
  }
}
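/**
 * Logs the user out: invalidates the current session (if any) and redirects to the CAS URL
 * taken from the {@code cas_url} init parameter.
 *
 * <p>Changes versus the previous version: the loop that copied every request parameter into
 * locals that were never used is gone (it only trimmed values); the unused writer and
 * content type are no longer set, since the response is a redirect; and a missing
 * {@code cas_url} fails with a clear {@link ServletException} instead of
 * {@code sendRedirect(null)}. The lazy field initialisation also tolerates a {@code null}
 * {@code url} field instead of throwing NPE on {@code url.equals("")}.
 *
 * <p>NOTE(review): {@code url} and {@code cas_url} are instance fields initialised from the
 * servlet context on first use. Concurrent first requests race on them; initialising both in
 * {@code init()} would remove the race entirely.
 *
 * @param req  the session to invalidate is taken from here
 * @param res  redirected to the CAS URL
 * @throws ServletException if {@code cas_url} is not configured
 * @throws IOException      if the redirect cannot be written
 */
public void doGet(HttpServletRequest req, HttpServletResponse res)
    throws ServletException, IOException {
  if (url == null || url.isEmpty()) {
    url = getServletContext().getInitParameter("url");
    cas_url = getServletContext().getInitParameter("cas_url");
  }
  String logoutTarget = cas_url;
  if (logoutTarget == null || logoutTarget.trim().isEmpty()) {
    throw new ServletException("init parameter 'cas_url' is not configured");
  }

  HttpSession session = req.getSession(false);
  if (session != null) {
    session.invalidate();
  }
  res.sendRedirect(logoutTarget);
}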
/* goodG2B() - use goodsource and badsink by changing the conditions on the first and second while statements */
/*
 * Test-case variant in the good/bad source-and-sink idiom: the live path sets a constant
 * and places it unvalidated in a cookie (the flagged sink); the two 'while (local_f)'
 * loops are dead by construction (local_f is never set). The 'while (true) { ... break; }'
 * shape is part of the fixture. The code is kept exactly as written; only comments were
 * added.
 */
private void goodG2B(HttpServletRequest request, HttpServletResponse response) throws Throwable {
  String data;
  boolean local_f = false;
  while (true) {
    java.util.logging.Logger log_good = java.util.logging.Logger.getLogger("local-logger");
    /* FIX: Use a hardcoded string */
    data = "foo";
    break;
  }
  while (local_f) {
    /* INCIDENTAL: CWE 561 Dead Code, the code below will never run */
    Logger log_bad = Logger.getLogger("local-logger");
    /* get environment variable ADD */
    data = System.getenv("ADD");
    break;
  }
  while (true) {
    Cookie cookieSink = new Cookie("lang", data);
    /* POTENTIAL FLAW: Input not verified before inclusion in the cookie */
    response.addCookie(cookieSink);
    break;
  }
  while (local_f) {
    /* INCIDENTAL: CWE 561 Dead Code, the code below will never run */
    Cookie cookieSink = new Cookie("lang", URLEncoder.encode(data, "UTF-16"));
    /* FIX: use URLEncoder.encode to hex-encode non-alphanumerics */
    response.addCookie(cookieSink);
    break;
  }
}
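/**
 * Deletes user settings: {@code DELETE /} clears the caller's whole settings map,
 * {@code DELETE /<key>} removes one key; the map is then saved.
 *
 * <p>Changes versus the previous version: a {@code null} {@code pathInfo} (request with no
 * extra path) is answered with 400 instead of throwing NPE — it is ambiguous, and "clear
 * everything" is the wrong default for a destructive call; the "clear all" branch no longer
 * falls through to {@code remove("")}; and the session is fetched with
 * {@code getSession(false)} so an unauthenticated DELETE does not create a session (the old
 * null check after {@code getSession()} was unreachable). The raw {@code Map} type is kept
 * because {@code loadUserSettingsMap}'s declared type is outside this view.
 *
 * @param req  the username comes from the session, never from the client
 * @param resp 401 without an authenticated session or settings map, 400 without a path
 * @throws ServletException never thrown here; retained for the overridden signature
 * @throws IOException      never thrown here; retained for the overridden signature
 */
protected void doDelete(HttpServletRequest req, HttpServletResponse resp)
    throws ServletException, IOException {
  HttpSession session = req.getSession(false);
  if (session == null) {
    resp.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
    return;
  }
  String username = (String) session.getAttribute("username");
  if (username == null) {
    resp.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
    return;
  }
  Map userMap = loadUserSettingsMap(username);
  if (userMap == null) {
    resp.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
    return;
  }

  String pathInfo = req.getPathInfo();
  if (pathInfo == null) {
    resp.setStatus(HttpServletResponse.SC_BAD_REQUEST);
    return;
  }
  if (pathInfo.equals("/")) {
    userMap.clear();
  } else {
    userMap.remove(pathInfo.substring(1)); // drop the leading '/'
  }
  saveUserSettingsMap(username, userMap);
}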
// Set an appropriate CORS header if requested and if allowed private void setCorsHeader(HttpServletRequest pReq, HttpServletResponse pResp) { String origin = requestHandler.extractCorsOrigin(pReq.getHeader("Origin")); if (origin != null) { pResp.setHeader("Access-Control-Allow-Origin", origin); pResp.setHeader("Access-Control-Allow-Credentials", "true"); } }
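/**
 * Renders the "select a user to modify" form: one {@code <option>} per name returned by
 * {@code U.allUsers()}.
 *
 * <p>Changes versus the previous version: user names are HTML-escaped and the
 * {@code value} attribute is quoted (names come from the user store and were written
 * verbatim into unquoted markup); the loop index is a local instead of the shared field
 * {@code i}; the {@code <form>} tag is closed with {@code >} instead of the stray {@code )};
 * and the silently swallowed exception is at least reported.
 *
 * <p>NOTE(review): {@code v} is still an instance field reassigned per request, so concurrent
 * requests overwrite each other's list; a local would be preferable, but other methods may
 * read {@code v} and they are outside this view. The form posts to a hard-coded absolute URL.
 *
 * @param req  unused
 * @param res  receives the HTML
 * @throws IOException      never thrown here (caught below); retained for the signature
 * @throws ServletException never thrown here; retained for the signature
 */
public void doGet(HttpServletRequest req, HttpServletResponse res)
    throws IOException, ServletException {
  res.setContentType("text/html");
  try {
    PrintWriter pw = res.getWriter();
    pw.println("<html><head><TITLE>Web-Enabled Automated Manufacturing System</TITLE></head>");
    pw.println(
        "<body><br><br><br><form name=modifyuser method=post action='http://peers:8080/servlet/showUser'>");
    v = U.allUsers();
    pw.println("<table align='center' border=0> <tr><td>");
    pw.println(
        "Select User Name To Modify</td><td><SELECT id=select1 name=uid style='HEIGHT: 22px; LEFT: 74px; TOP: 222px; WIDTH: 155px'>");
    pw.println("<OPTION selected value=''></OPTION>");
    for (int idx = 0; idx < v.size(); idx++) {
      String userName = escapeHtml((String) v.elementAt(idx));
      pw.println("<OPTION value=\"" + userName + "\">" + userName + "</OPTION>");
    }
    pw.println(
        "</SELECT></td></tr><tr><td></td><td><input type='submit' name='submit' value='Submit'></td></tr></table></form></body></html>");
    pw.flush();
    pw.close();
  } catch (Exception e) {
    // Best-effort page; the original swallowed this silently.
    System.err.println("ModifyUser page could not be rendered: " + e);
  }
}

/** Escapes the characters that can break out of HTML text or a quoted attribute. */
private static String escapeHtml(String s) {
  if (s == null) {
    return "";
  }
  StringBuilder sb = new StringBuilder(s.length() + 16);
  for (int k = 0; k < s.length(); k++) {
    char c = s.charAt(k);
    switch (c) {
      case '&': sb.append("&amp;"); break;
      case '<': sb.append("&lt;"); break;
      case '>': sb.append("&gt;"); break;
      case '"': sb.append("&quot;"); break;
      case '\'': sb.append("&#39;"); break;
      default: sb.append(c);
    }
  }
  return sb.toString();
}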
/* goodG2B1() - use goodsource and badsink by changing first 5==5 to 5!=5 */
/*
 * Test-case variant in the good/bad source-and-sink idiom: the live path uses a constant
 * source and the unvalidated-cookie sink; the cookie-reading branch and the encoding
 * branch are dead by construction ('5 != 5' / the else of '5 == 5'), as their markers say.
 * The code is kept exactly as written; only comments were added.
 */
private void goodG2B1(HttpServletRequest request, HttpServletResponse response) throws Throwable {
  String data;
  /* INCIDENTAL: CWE 570 Statement is Always False */
  if (5 != 5) {
    /* INCIDENTAL: CWE 561 Dead Code, the code below will never run */
    Logger log_bad = Logger.getLogger("local-logger");
    /* read parameter from cookie */
    Cookie cookieSources[] = request.getCookies();
    if (cookieSources != null) {
      data = cookieSources[0].getValue();
    } else {
      data = null;
    }
  } else {
    java.util.logging.Logger log_good = java.util.logging.Logger.getLogger("local-logger");
    /* FIX: Use a hardcoded string */
    data = "foo";
  }
  /* INCIDENTAL: CWE 571 Statement is Always True */
  if (5 == 5) {
    Cookie cookieSink = new Cookie("lang", data);
    /* POTENTIAL FLAW: Input not verified before inclusion in the cookie */
    response.addCookie(cookieSink);
  } else {
    /* INCIDENTAL: CWE 561 Dead Code, the code below will never run */
    Cookie cookieSink = new Cookie("lang", URLEncoder.encode(data, "UTF-16"));
    /* FIX: use URLEncoder.encode to hex-encode non-alphanumerics */
    response.addCookie(cookieSink);
  }
}
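/**
 * Presence endpoint for the lobby. With {@code pingAlive=true} it records that {@code userId}
 * is still alive; otherwise it returns, as JSON, every <em>other</em> user whose last ping is
 * at most 10 seconds old: {@code {"opponents":[{"user_id":..,"user_name":..},..]}}.
 *
 * <p>Changes versus the previous version: a missing {@code userId} no longer throws NPE in
 * the comparison; "now" is read once instead of once per entry; and the content type is set
 * before anything is written. {@code put(String, JsonNode)} is kept because the Jackson major
 * version is not visible here (it is deprecated in favour of {@code set} in Jackson 2.x).
 *
 * <p>NOTE(review): {@code userId} comes from the client and is not tied to the session, so
 * any caller can ping on behalf of any id or exclude any id from the list — confirm this is
 * acceptable for the lobby. {@code users} is a field (id → {@code User}) whose type and
 * thread-safety are outside this view; the iteration here is unguarded. A shared
 * {@code static final ObjectMapper} would avoid rebuilding one per request.
 *
 * @param req  carries {@code userId} and optionally {@code pingAlive}
 * @param resp receives the JSON list, or nothing for a ping
 * @throws IOException if the response cannot be written
 */
@Override
public void doGet(HttpServletRequest req, HttpServletResponse resp) throws IOException {
  String thisUsersId = req.getParameter("userId");
  if ("true".equals(req.getParameter("pingAlive"))) {
    updateLastAliveTime(thisUsersId);
    return;
  }

  final long aliveWindowSeconds = 10;
  ObjectMapper mapper = new ObjectMapper();
  ArrayNode usersArray = mapper.createArrayNode();
  long nowMillis = System.currentTimeMillis();
  for (Map.Entry<String, User> userEntry : users.entrySet()) {
    String key = userEntry.getKey();
    if (key != null && key.equals(thisUsersId)) {
      continue; // the caller is not their own opponent
    }
    User user = userEntry.getValue();
    long ageSeconds = (nowMillis - user.getLastAliveTime().getTime()) / 1000;
    if (ageSeconds <= aliveWindowSeconds) {
      ObjectNode userJson = mapper.createObjectNode();
      userJson.put("user_id", key);
      userJson.put("user_name", user.getName());
      usersArray.add(userJson);
    }
  }

  ObjectNode usersJson = mapper.createObjectNode();
  usersJson.put("opponents", usersArray);
  resp.setContentType("application/json; charset=UTF-8");
  mapper.writeValue(resp.getWriter(), usersJson);
}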
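/**
 * Cookie demo page: shows the {@code carlos-cookie-test} cookie (name and value) if present,
 * refreshes it, and offers create / delete / no-pass buttons that POST back here.
 *
 * <p>The cookie value is client-controlled and was written verbatim into the page, a
 * reflected XSS; name and value are now HTML-escaped. {@code getCookie}, {@code print},
 * {@code refreshCookie} and {@code Tools.sendDisableCacheHeaders} are project helpers
 * outside this view.
 *
 * @param request  source of the cookie
 * @param response receives the HTML; caching is disabled via {@code Tools}
 * @throws ServletException never thrown here; retained for the overridden signature
 * @throws IOException      if the response writer cannot be obtained
 */
protected void doGet(HttpServletRequest request, HttpServletResponse response)
    throws ServletException, IOException {
  response.setContentType("text/html; charset=UTF-8");
  Tools.sendDisableCacheHeaders(response);
  final PrintWriter out = response.getWriter();
  out.println("<html>");
  out.println(" <body>");
  Cookie cookie = getCookie("carlos-cookie-test", request);
  if (cookie == null) {
    print(out, "No cookie set.");
  } else {
    print(out, "<b>Cookie ID</b>: " + escapeHtml(cookie.getName()) + "<br>");
    print(out, "<b>Value</b>: " + escapeHtml(cookie.getValue()) + "<br>");
    refreshCookie(cookie, response);
  }
  out.println(" <br>");
  out.println(" <form method=\"post\">");
  out.println(" <input type=\"submit\" value=\"create\" name=\"button\"><br><br>");
  out.println(" <input type=\"submit\" value=\"delete\" name=\"button\"><br><br>");
  out.println(" <input type=\"submit\" value=\"no-pass\" name=\"button\"><br>");
  out.println(" </form>");
  out.println(" </body>");
  out.println("</html>");
  out.close();
}

/** Escapes the characters that can break out of HTML text or a quoted attribute. */
private static String escapeHtml(String s) {
  if (s == null) {
    return "";
  }
  StringBuilder sb = new StringBuilder(s.length() + 16);
  for (int i = 0; i < s.length(); i++) {
    char c = s.charAt(i);
    switch (c) {
      case '&': sb.append("&amp;"); break;
      case '<': sb.append("&lt;"); break;
      case '>': sb.append("&gt;"); break;
      case '"': sb.append("&quot;"); break;
      case '\'': sb.append("&#39;"); break;
      default: sb.append(c);
    }
  }
  return sb.toString();
}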
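/**
 * Renders the static "create a cookie" form (Portuguese UI): two text inputs, {@code nome}
 * and {@code valor}, posting to {@code ExemploCookies}.
 *
 * <p>Changes versus the previous version: the garbled closing tags {@code < / font >} and
 * {@code <br >} are emitted as {@code </font>} and {@code <br>}; everything else, including
 * the user-facing Portuguese text, is unchanged.
 *
 * <p>NOTE(review): the {@code <form>} element is never closed and it spans table cells;
 * reproduced as is. The content type carries no charset, so the {@code ç} in the heading is
 * encoded with the container's default for {@code text/html}.
 *
 * @param solicitacao unused
 * @param resposta    receives the HTML
 * @throws IOException      if the response writer cannot be obtained
 * @throws ServletException never thr
own here; retained for the overridden signature
 */
public void doGet(HttpServletRequest solicitacao, HttpServletResponse resposta)
    throws IOException, ServletException {
  resposta.setContentType("text/html");
  PrintWriter out = resposta.getWriter();
  out.println("<html>");
  out.println("<body>");
  out.println("<center>");
  out.println("<h1>Insira os dados para a criação do cookie</h1>");
  out.println("</center>");
  out.println("<table border='0' width='400'>");
  out.println("<tr>");
  out.println("<td>");
  out.println("<form method='post' action='ExemploCookies'>");
  out.println("<font face='verdana' size='2'>");
  out.println("Nome do cookie: </font> ");
  out.println("<input type='text' name='nome' size = '20'>");
  out.println("<br>");
  out.println("<font face='verdana' size='2'>");
  out.println("Valor do cookie: </font> ");
  out.println("<input type='text' name='valor' size ='20'><br> ");
  out.println("</td>");
  out.println("</tr>");
  out.println("<tr>");
  out.println("<td align='center'>");
  out.println("<input type='submit' value='Criar' name = 'S1'>");
  out.println(" ");
  out.println("<input type='reset' value='Limpar' name = 'S2'>");
  out.println("</td>");
  out.println("</tr>");
  out.println("</table>");
  out.println("</body>");
  out.println("</html>");
}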
/* goodG2B() - use goodsource and badsink by moving BadSource and BadSink to after return */
/*
 * Test-case variant in the good/bad source-and-sink idiom: the live block sets a constant
 * and writes it unencoded into the Location header (the flagged sink); the block after
 * 'if (true) return;' reads a request parameter and is dead by construction, as its marker
 * says. The code is kept exactly as written; only comments were added.
 */
private void goodG2B(HttpServletRequest request, HttpServletResponse response) throws Throwable {
  String data;
  {
    java.util.logging.Logger log_good = java.util.logging.Logger.getLogger("local-logger");
    /* FIX: Use a hardcoded string */
    data = "foo";
    /* POTENTIAL FLAW: Input not verified before inclusion in header */
    response.setHeader("Location", "/author.jsp?lang=" + data);
  }
  if (true) return; /* INCIDENTAL: CWE 571 Expression is Always True. We need the "if(true)" because the Java Language Spec requires that unreachable code generate a compiler error */
  /* INCIDENTAL: CWE 561 Dead Code, the code below will never run */
  {
    Logger log_bad = Logger.getLogger("local-logger");
    /* read parameter from request */
    data = request.getParameter("name");
    /* POTENTIAL FLAW: Input not verified before inclusion in header */
    response.setHeader("Location", "/author.jsp?lang=" + data);
  }
}
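/**
 * Mobile login for the tracked-device system. Expects {@code id} (numeric device id) and
 * {@code pwd}; on success writes {@code OK,<username>} as plain text and stores the username
 * under the session attribute {@code "device_id"}. On any failure the body stays empty, which
 * is the wire behaviour of the original.
 *
 * <p>Changes versus the previous version: a missing or non-numeric {@code id} is treated as
 * a failed login instead of silently becoming {@code 0} and being looked up in the database;
 * the session is created only after the credentials have been accepted; and any existing
 * session is invalidated first (session-fixation mitigation).
 *
 * <p>NOTE(review): {@code db.loginTrackedFromMobile(id, password)} is outside this view —
 * confirm it compares against a password hash rather than clear text. The info log line
 * writes {@code ctracked.toString()}; check that it does not include the password or other
 * sensitive fields.
 *
 * @param request  carries {@code id} and {@code pwd}
 * @param response plain-text body, {@code OK,<username>} on success
 * @throws ServletException never thrown here; retained for the overridden signature
 * @throws IOException      if the response writer cannot be obtained
 */
@Override
protected void doPost(HttpServletRequest request, HttpServletResponse response)
    throws ServletException, IOException {
  // POST method only used for tracked login operation
  response.setContentType("text/plain");
  PrintWriter out = response.getWriter();

  String username = request.getParameter("id");
  String password = request.getParameter("pwd");
  if (username == null || password == null) {
    return; // missing credentials: empty body, as before
  }

  long id;
  try {
    id = Long.parseLong(username.trim());
  } catch (NumberFormatException nfe) {
    return; // not a device id: do not query the database with a bogus 0
  }

  CTracked ctracked = db.loginTrackedFromMobile(id, password).getResult();
  if (ctracked == null) {
    return; // login failed: empty body, as before
  }

  // Login successful: rotate the session id before storing the principal.
  HttpSession previous = request.getSession(false);
  if (previous != null) {
    previous.invalidate();
  }
  HttpSession session = request.getSession(true);
  session.setAttribute("device_id", ctracked.getUsername());
  out.print("OK," + ctracked.getUsername());
  log.info(ctracked + " : logined!");
}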
/* goodB2G() - use badsource and goodsink by switching statements around return */
/*
 * Test-case variant in the good/bad source-and-sink idiom: the live path reads a request
 * parameter and URL-encodes it before placing it in the Location header; the block after
 * 'if (true) return;' is dead by construction, as its marker says. The code is kept exactly
 * as written; only comments were added. When the 'name' parameter is absent 'data' is
 * null and URLEncoder.encode throws NullPointerException.
 */
private void goodB2G(HttpServletRequest request, HttpServletResponse response) throws Throwable {
  String data;
  Logger log_bad = Logger.getLogger("local-logger"); // unused; part of the fixture
  /* read parameter from request */
  data = request.getParameter("name");
  {
    /* FIX: use URLEncoder.encode to hex-encode non-alphanumerics */
    data = URLEncoder.encode(data, "UTF-16");
    response.setHeader("Location", "/author.jsp?lang=" + data);
  }
  if (true) return; /* INCIDENTAL: CWE 571 Expression is Always True. We need the "if(true)" because the Java Language Spec requires that unreachable code generate a compiler error */
  /* INCIDENTAL: CWE 561 Dead Code, the code below will never run */
  {
    /* POTENTIAL FLAW: Input not verified before inclusion in header */
    response.setHeader("Location", "/author.jsp?lang=" + data);
  }
}