javax.servlet.http.HttpServletRequest#getParameterNames()源码实例Demo

下面列出了javax.servlet.http.HttpServletRequest#getParameterNames() 实例代码,或者点击链接到github查看源代码,也可以在右侧发表评论。

源代码1 项目: Tomcat8-Source-Read   文件: TestRequest.java
/**
 * Handles POST requests by writing each request parameter back to the
 * client, one {@code name=value} pair per line.
 */
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp)
        throws ServletException, IOException {
    // The echoed data is entirely client-supplied; it is sent as plain text,
    // not as markup.
    resp.setContentType("text/plain");

    PrintWriter writer = resp.getWriter();

    // Only the first value of a repeated parameter is echoed.
    for (Enumeration<String> e = req.getParameterNames(); e.hasMoreElements();) {
        String key = e.nextElement();
        String firstValue = req.getParameter(key);
        writer.println(key + "=" + firstValue);
    }
}
 
源代码2 项目: haven-platform   文件: HttpProxy.java
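/**
 * Builds the entity (request body) that the proxy forwards upstream.
 *
 * <p>Form posts are rebuilt from the container's parameter map; every other
 * body is streamed from the servlet input stream.
 *
 * @param servletRequest the incoming request being proxied
 * @return the entity to attach to the outgoing request
 * @throws IOException if the request input stream cannot be obtained
 */
private HttpEntity createEntity(HttpServletRequest servletRequest) throws IOException {
    final String contentType = servletRequest.getContentType();
    // Per the original author, a body with 'application/x-www-form-urlencoded' is consumed by
    // the container (Tomcat), so it cannot be read from the input stream and is rebuilt instead.
    // NOTE(review): this is an exact string comparison; a header that carries a parameter
    // (e.g. a charset suffix) would not match and would take the streaming branch. Confirm.
    if (ContentType.APPLICATION_FORM_URLENCODED.getMimeType().equals(contentType)) {
        List<NameValuePair> entries = new ArrayList<>();
        // The parameter map also contains query-string parameters; they cannot be told apart
        // from body parameters here, so both are copied.
        Enumeration<String> names = servletRequest.getParameterNames();
        while (names.hasMoreElements()) {
            String name = names.nextElement();
            // Forward every value of a repeated parameter. getParameter() returns only the
            // first one, so the upstream server would otherwise see a different request from
            // the one this proxy received.
            String[] values = servletRequest.getParameterValues(name);
            if (values == null) {
                continue;
            }
            for (String value : values) {
                entries.add(new BasicNameValuePair(name, value));
            }
        }
        return new UrlEncodedFormEntity(entries, servletRequest.getCharacterEncoding());
    }

    // Add the input entity (streamed).
    // The servlet input stream is not closed here; the original author relies on the
    // container to close it.
    return new InputStreamEntity(servletRequest.getInputStream(),
            servletRequest.getContentLength(),
            ContentType.create(contentType));
}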
 
源代码3 项目: lutece-core   文件: AdminAuthenticationService.java
/**
 * Stores, in the HTTP session, the URL to return to after the admin login.
 * The URL is the request URI plus every request parameter (first value only).
 *
 * @param request
 *            the HTTP request
 */
public void setLoginNextUrl( HttpServletRequest request )
{
    // getRequestURI( ) gives the path part only, so the stored URL stays
    // relative to this server.
    UrlItem nextUrl = new UrlItem( request.getRequestURI( ) );

    // NOTE(review): all parameters are copied as-is, so any sensitive value in
    // the intercepted request is kept in the session URL. Confirm acceptable.
    for ( Enumeration names = request.getParameterNames( ); names.hasMoreElements( ); )
    {
        String strName = (String) names.nextElement( );
        String strValue = request.getParameter( strName );
        nextUrl.addParameter( strName, strValue );
    }

    request.getSession( true ).setAttribute( ATTRIBUTE_ADMIN_LOGIN_NEXT_URL, nextUrl.getUrl( ) );
}
 
源代码4 项目: javabase   文件: LoginInterceptor.java
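/**
 * Builds an access record for the request (user id, client IP, URI, time,
 * user agent, parameters), logs it and sends it to Kafka as JSON.
 *
 * <p>Values of credential-like parameters are masked before the record is
 * built: this runs in a login interceptor, and the record is copied to both
 * the application log and a Kafka topic.
 *
 * <p>The original comment calls the send asynchronous; that depends on
 * kafkaClientUtil, which is not shown here.
 *
 * @param request the current HTTP request
 * @throws Exception if building or sending the record fails
 */
private void saveLogToKafka(HttpServletRequest request) throws Exception {
	// TODO store the log data in the agreed format
	Map<String, String> map = new HashMap<>();
	map.put("userId", (String) request.getSession().getAttribute(GlobalConstant.USE_ID));
	map.put("ip", ApiTools.getIpAddr(request));
	map.put("url", request.getRequestURI());
	map.put("time", DateUtils.getDateTime());
	map.put("agent", request.getHeader("USER-AGENT"));
	StringBuilder stringBuilder = new StringBuilder();
	stringBuilder.append("参数:");
	Enumeration<String> paramers = request.getParameterNames();
	boolean first = true;
	while (paramers.hasMoreElements()) {
		String key = paramers.nextElement();
		// Minimal deny-list of credential-like names; extend it to match the
		// parameter names this application really uses.
		String lowerKey = key.toLowerCase(java.util.Locale.ROOT);
		boolean sensitive = lowerKey.contains("password") || lowerKey.contains("passwd")
				|| lowerKey.contains("pwd") || lowerKey.contains("token")
				|| lowerKey.contains("secret");
		// Separate the pairs; they were previously written back to back.
		if (!first) {
			stringBuilder.append('&');
		}
		first = false;
		stringBuilder.append(key).append('=').append(sensitive ? "***" : request.getParameter(key));
	}
	map.put("paramers", stringBuilder.toString());
	// Serialise once so the log line and the Kafka message are identical.
	String json = JSONObject.toJSONString(map);
	log.info("saveToKafka : " + json);
	kafkaClientUtil.send(json);
}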
 
源代码5 项目: rice   文件: WebUtils.java
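/**
 * Iterates through and logs (at the given level) all attributes and
 * parameters of the given request onto the given Logger. Nothing is
 * written when the logger is not enabled for that level.
 *
 * <p>NOTE(review): every parameter value is written out unfiltered, so
 * credentials submitted in a request would end up in the log. Confirm the
 * callers only use this at a diagnostic level.
 *
 * @param logger the logger to write to
 * @param level the level at which each line is logged
 * @param request the request whose attributes and parameters are dumped
 */
public static void logRequestContents(Logger logger, Level level, HttpServletRequest request) {
	if (logger.isEnabledFor(level)) {
		logger.log(level, "--------------------");
		logger.log(level, "HttpRequest attributes:");
		for (Enumeration e = request.getAttributeNames(); e.hasMoreElements();) {
			String attrName = (String) e.nextElement();
			Object attrValue = request.getAttribute(attrName);

			// Test for Object[] rather than isArray(): a primitive array such as
			// int[] is an array but cannot be cast to Object[], so the previous
			// check threw ClassCastException. Primitive arrays now go to logObject.
			if (attrValue instanceof Object[]) {
				logCollection(logger, level, attrName, Arrays.asList((Object[]) attrValue));
			}
			else if (attrValue instanceof Collection) {
				logCollection(logger, level, attrName, (Collection) attrValue);
			}
			else if (attrValue instanceof Map) {
				logMap(logger, level, attrName, (Map) attrValue);
			}
			else {
				logObject(logger, level, attrName, attrValue);
			}
		}

		logger.log(level, "--------------------");
		logger.log(level, "HttpRequest parameters:");
		for (Enumeration i = request.getParameterNames(); i.hasMoreElements();) {
			String paramName = (String) i.nextElement();
			String[] paramValues = (String[]) request.getParameterValues(paramName);

			logArray(logger, level, paramName, paramValues);
		}

		logger.log(level, "--------------------");
	}
}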
 
源代码6 项目: opencps-v2   文件: VNPostNGSPServlet.java
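/**
 * Handles GET by reading {@code tokenUrl}, {@code consumer_key} and
 * {@code secret_key} from the request, calling getToken with them and then
 * writing the sample HTML page.
 *
 * <p>NOTE(review): the credentials arrive as GET parameters, so they are part
 * of the request URL. {@code tokenUrl} is also taken from the client; if
 * getToken (not shown) connects to it, the server contacts a client-chosen
 * address. Consider a configured or allow-listed token endpoint.
 */
@Override
protected void doGet(
	HttpServletRequest request, HttpServletResponse response)
	throws IOException, ServletException {

	if (_log.isInfoEnabled()) {
		_log.info("VNPostNGSPServlet doGet");
	} else {
		System.out.println("VNPostNGSPServlet doGet sys");
	}

	try {
		Enumeration<String> enumeration = request.getParameterNames();
		while (enumeration.hasMoreElements()) {
			String parameterName = enumeration.nextElement();
			// Keep the key material out of the log: the two credential
			// parameters this servlet reads are masked.
			boolean credential =
				"secret_key".equals(parameterName) ||
					"consumer_key".equals(parameterName);
			_log.info(
				parameterName +
					"=" +
					(credential ? "***" : request.getParameter(parameterName)));
		}
		String tokenUrl = request.getParameter("tokenUrl");
		String consumer_key = request.getParameter("consumer_key");
		String secret_key = request.getParameter("secret_key");
		// The previous System.out.println of tokenUrl + consumer_key +
		// secret_key is removed: it wrote the secret to standard output.
		getToken(tokenUrl, consumer_key, secret_key);
	}
	catch (Exception e) {
		_log.error(e);
	}

	_writeSampleHTML(response);
}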
 
源代码7 项目: Benchmark   文件: BenchmarkTest02341.java
/**
 * OWASP Benchmark test case (the "cmdi" message below suggests the
 * command-injection group). It takes the NAME of the first request parameter
 * whose value equals the test-case id, passes it through doSomething (not
 * shown) and uses the result as the environment of a child process.
 *
 * <p>The data flow is a deliberate fixture for security-analysis tools, so the
 * code is left as written. Whether request data really reaches the process
 * unchanged depends on doSomething.
 */
@Override
public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
	response.setContentType("text/html;charset=UTF-8");

	// Source: parameter names are as client-controlled as parameter values.
	String param = "";
	boolean flag = true;
	java.util.Enumeration<String> names = request.getParameterNames();
	while (names.hasMoreElements() && flag) {
		String name = (String) names.nextElement();		    	
		String[] values = request.getParameterValues(name);
		if (values != null) {
			for(int i=0;i<values.length && flag; i++){
				String value = values[i];
				if (value.equals("BenchmarkTest02341")) {
					param = name;
				    flag = false;
				}
			}
		}
	}

	String bar = doSomething(request, param);
	
	// The command string comes from a Benchmark helper, not from the request.
	String cmd = org.owasp.benchmark.helpers.Utils.getInsecureOSCommandString(this.getClass().getClassLoader());
	String[] args = {cmd};
       String[] argsEnv = { bar };
       
	Runtime r = Runtime.getRuntime();

	try {
		// Sink: argsEnv is the envp argument of Runtime.exec, so bar is the
		// child's whole environment. In production code, request data should
		// reach envp only after validation against an allow-list.
		Process p = r.exec(args, argsEnv, new java.io.File(System.getProperty("user.dir")));
		org.owasp.benchmark.helpers.Utils.printOSCommandResults(p, response);
	} catch (IOException e) {
		System.out.println("Problem executing cmdi - TestCase");
		// The exception text is HTML-encoded before it is written to the
		// text/html response.
		response.getWriter().println(
		  org.owasp.esapi.ESAPI.encoder().encodeForHTML(e.getMessage())
		);
		return;
	}
}
 
源代码8 项目: openemm   文件: ComImportWizardForm.java
/**
 * Collects the mailing list ids carried in the request's parameter names:
 * every name that starts with {@code agn_mlid_} contributes the text that
 * follows the prefix.
 */
protected Vector<String> getMailinglistsFromRequest(HttpServletRequest req) {
	final String prefix = "agn_mlid_";
	Vector<String> ids = new Vector<>();
	for (Enumeration<String> names = req.getParameterNames(); names.hasMoreElements();) {
		String candidate = names.nextElement();
		if (!candidate.startsWith(prefix)) {
			continue;
		}
		// The suffix is client-supplied text and is returned unvalidated;
		// callers must check it is an id the user may act on.
		ids.add(candidate.substring(prefix.length()));
	}
	return ids;
}
 
源代码9 项目: xmfcn-spring-cloud   文件: UnifiedException.java
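/**
 * dingTalkMessage: logs the exception and sends a DingTalk message with the
 * request URI, the request parameters and the exception text.
 *
 * <p>The message is handed to sysCommonService.sendDingMessage, so values of
 * credential-like parameters are masked before they are included.
 *
 * @author: airufei
 * @date:2018/1/3 18:08
 * @param request the request during which the exception occurred
 * @param throwable the exception being reported
 */
private void dingTalkMessage(HttpServletRequest request, Throwable throwable) {
    Enumeration<String> enu = request.getParameterNames();
    String requestUrl = request.getRequestURI();
    StringBuilder sb = new StringBuilder();
    while (enu.hasMoreElements()) {
        String paraName = enu.nextElement();
        // Minimal deny-list of credential-like names; extend it to match the
        // parameter names this application really uses.
        String lowered = paraName.toLowerCase(java.util.Locale.ROOT);
        boolean sensitive = lowered.contains("password") || lowered.contains("passwd")
                || lowered.contains("pwd") || lowered.contains("token")
                || lowered.contains("secret");
        sb.append(' ').append(paraName).append(':')
                .append(sensitive ? "***" : request.getParameter(paraName));
    }
    String stackMessage = StringUtil.getExceptionMsg(throwable);
    // The unused local that held the full system URL has been removed.
    logger.error(stackMessage);
    sysCommonService.sendDingMessage(requestUrl,sb.toString(),null,stackMessage,this.getClass());
}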
 
源代码10 项目: Benchmark   文件: BenchmarkTest01444.java
/**
 * OWASP Benchmark test case (the "cmdi" message below suggests the
 * command-injection group). It takes the NAME of the first request parameter
 * whose value equals the test-case id, passes it through Test.doSomething (not
 * shown) and uses the result as the environment of a child process.
 *
 * <p>The data flow is a deliberate fixture for security-analysis tools, so the
 * code is left as written. Whether request data reaches the process unchanged
 * depends on doSomething.
 */
@Override
public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
	response.setContentType("text/html;charset=UTF-8");

	// Source: parameter names are as client-controlled as parameter values.
	String param = "";
	boolean flag = true;
	java.util.Enumeration<String> names = request.getParameterNames();
	while (names.hasMoreElements() && flag) {
		String name = (String) names.nextElement();		    	
		String[] values = request.getParameterValues(name);
		if (values != null) {
			for(int i=0;i<values.length && flag; i++){
				String value = values[i];
				if (value.equals("BenchmarkTest01444")) {
					param = name;
				    flag = false;
				}
			}
		}
	}

	String bar = new Test().doSomething(request, param);
	
	// The command string comes from a Benchmark helper, not from the request.
	String cmd = org.owasp.benchmark.helpers.Utils.getInsecureOSCommandString(this.getClass().getClassLoader());
       
	String[] argsEnv = { bar };
	Runtime r = Runtime.getRuntime();

	try {
		// Sink: the second argument of Runtime.exec(String, String[]) is envp,
		// so bar is the child's whole environment.
		Process p = r.exec(cmd, argsEnv);
		org.owasp.benchmark.helpers.Utils.printOSCommandResults(p, response);
	} catch (IOException e) {
		System.out.println("Problem executing cmdi - TestCase");
		// The exception text is HTML-encoded before it is written to the
		// text/html response.
		response.getWriter().println(
		  org.owasp.esapi.ESAPI.encoder().encodeForHTML(e.getMessage())
		);
		return;
	}
}
 
源代码11 项目: getting-started-java   文件: CreateServlet.java
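/**
 * Publishes the posted text as a Pub/Sub message, with the source and target
 * languages as message attributes, then redirects to the root page.
 *
 * <p>Responds with 400 when {@code data}, {@code sourceLang} or
 * {@code targetLang} is missing.
 *
 * @throws ServletException if publishing fails or is interrupted
 * @throws IOException if the response cannot be written
 */
@Override
public void doPost(HttpServletRequest req, HttpServletResponse resp)
    throws ServletException, IOException {
  String text = req.getParameter("data");
  String sourceLang = req.getParameter("sourceLang");
  String targetLang = req.getParameter("targetLang");

  // NOTE(review): this logs every parameter value, including the full text,
  // at WARNING level. Confirm this is meant to stay outside a sample.
  Enumeration<String> paramNames = req.getParameterNames();
  while (paramNames.hasMoreElements()) {
    String paramName = paramNames.nextElement();
    logger.warning("Param name: " + paramName + " = " + req.getParameter(paramName));
  }

  // A missing parameter would otherwise surface as a NullPointerException
  // while the message is built; reject the request as a client error instead.
  if (text == null || sourceLang == null || targetLang == null) {
    resp.sendError(
        HttpServletResponse.SC_BAD_REQUEST,
        "Parameters data, sourceLang and targetLang are required.");
    return;
  }

  Publisher publisher = (Publisher) getServletContext().getAttribute("publisher");

  PubsubMessage pubsubMessage =
      PubsubMessage.newBuilder()
          .setData(ByteString.copyFromUtf8(text))
          .putAttributes("sourceLang", sourceLang)
          .putAttributes("targetLang", targetLang)
          .build();

  try {
    publisher.publish(pubsubMessage).get();
  } catch (InterruptedException e) {
    // Restore the interrupt flag so the container can see the interruption.
    Thread.currentThread().interrupt();
    throw new ServletException("Exception publishing message to topic.", e);
  } catch (ExecutionException e) {
    throw new ServletException("Exception publishing message to topic.", e);
  }

  resp.sendRedirect("/");
}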
 
源代码12 项目: Benchmark   文件: BenchmarkTest01463.java
/**
 * OWASP Benchmark test case. It takes the NAME of the first request parameter
 * whose value equals the test-case id, passes it through Test.doSomething (not
 * shown) and concatenates the result into a JDBC call escape string.
 *
 * <p>The data flow is a deliberate fixture for security-analysis tools, so the
 * code is left as written. Whether request data reaches the statement
 * unchanged depends on doSomething.
 */
@Override
	public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
		response.setContentType("text/html;charset=UTF-8");
	
		// Source: parameter names are as client-controlled as parameter values.
		String param = "";
		boolean flag = true;
		java.util.Enumeration<String> names = request.getParameterNames();
		while (names.hasMoreElements() && flag) {
			String name = (String) names.nextElement();		    	
			String[] values = request.getParameterValues(name);
			if (values != null) {
				for(int i=0;i<values.length && flag; i++){
					String value = values[i];
					if (value.equals("BenchmarkTest01463")) {
						param = name;
					    flag = false;
					}
				}
			}
		}

		String bar = new Test().doSomething(request, param);
		
		// Sink: bar becomes part of the statement text itself. In production
		// code the procedure name would be fixed or allow-listed and its
		// arguments bound with '?' placeholders.
		String sql = "{call " + bar + "}";
				
		try {
			// NOTE(review): the statement and result set are not closed in this
			// method; whether printResults closes them is not visible here.
			java.sql.Connection connection = org.owasp.benchmark.helpers.DatabaseHelper.getSqlConnection();
			java.sql.CallableStatement statement = connection.prepareCall( sql, java.sql.ResultSet.TYPE_FORWARD_ONLY, 
							java.sql.ResultSet.CONCUR_READ_ONLY, java.sql.ResultSet.CLOSE_CURSORS_AT_COMMIT );
			java.sql.ResultSet rs = statement.executeQuery();
            org.owasp.benchmark.helpers.DatabaseHelper.printResults(rs, sql, response);
        } catch (java.sql.SQLException e) {
        	// With hideSQLErrors set, the client gets only a generic message;
        	// otherwise the SQLException is rethrown inside a ServletException.
        	if (org.owasp.benchmark.helpers.DatabaseHelper.hideSQLErrors) {
        		response.getWriter().println(
"Error processing request."
);
        		return;
        	}
			else throw new ServletException(e);
		}
	}
 
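/**
 * Captures the incoming request (origin, URL, parameters, headers, body) in an
 * HttpTestData. The {@code code} and {@code delay} parameters are also read as
 * integers into the result, and a positive delay makes this method sleep for
 * that many milliseconds before returning.
 *
 * <p>NOTE(review): {@code delay} is client-controlled and unbounded, and a
 * non-numeric {@code code} or {@code delay} throws NumberFormatException. That
 * looks acceptable only for a test endpoint; confirm it is never exposed to
 * untrusted clients.
 *
 * @param req the request to capture
 * @param resp the response (not used by this method)
 * @return the captured request data
 * @throws IOException if the request body cannot be read
 */
private HttpTestData parseTestData(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {

    HttpTestData data = new HttpTestData();
    data.setCode(200);
    data.setOrigin(req.getRemoteAddr());
    data.setUrl(req.getRequestURL().toString());

    Enumeration<String> parameterNames = req.getParameterNames();
    while (parameterNames.hasMoreElements()) {
        String paramName = parameterNames.nextElement();
        String[] paramValues = req.getParameterValues(paramName);
        switch (paramName) {
            case "code": {
                data.setCode(Integer.parseInt(paramValues[0]));
                break;
            }
            case "delay": {
                data.setDelay(Integer.parseInt(paramValues[0]));
                break;
            }
        }
        data.getArgs().put(paramName, paramValues);
    }
    Enumeration<String> headerNames = req.getHeaderNames();
    while (headerNames.hasMoreElements()) {
        String headerName = headerNames.nextElement();
        Enumeration<String> headerValues = req.getHeaders(headerName);
        List<String> headerList = new ArrayList<>();
        while (headerValues.hasMoreElements()) {
            headerList.add(headerValues.nextElement());
        }
        data.getHeaders().put(headerName, headerList.toArray(new String[]{}));
    }

    data.setBody(IOUtils.toString(req.getReader()));

    if (data.getDelay() > 0) {
        try {
            Thread.sleep(data.getDelay());
        } catch (InterruptedException e) {
            // Stop waiting, but restore the interrupt flag so the container
            // thread still sees the interruption.
            Thread.currentThread().interrupt();
        }
    }

    return data;
}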
 
源代码14 项目: unitime   文件: CalendarServlet.java
/**
 * Copies every parameter of the request, with all of its values, into iParams.
 * The values are stored as received, without validation.
 */
HttpParams(HttpServletRequest request) {
	Enumeration names = request.getParameterNames();
	while (names.hasMoreElements()) {
		String key = (String) names.nextElement();
		String[] values = request.getParameterValues(key);
		iParams.put(key, values);
	}
}
 
源代码15 项目: Benchmark   文件: BenchmarkTest02345.java
/**
 * OWASP Benchmark test case; its final message names a randomness test on
 * SecureRandom.nextBytes. It issues a "remember me" cookie whose value is 40
 * random bytes, Base64-encoded, and recognises the cookie on later requests by
 * comparing it with the copy kept in the session.
 *
 * <p>This is a fixture for security-analysis tools, so the code is left as
 * written.
 */
@Override
	public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
		response.setContentType("text/html;charset=UTF-8");

		// Source: the NAME of the first parameter whose value equals the
		// test-case id.
		String param = "";
		boolean flag = true;
		java.util.Enumeration<String> names = request.getParameterNames();
		while (names.hasMoreElements() && flag) {
			String name = (String) names.nextElement();		    	
			String[] values = request.getParameterValues(name);
			if (values != null) {
				for(int i=0;i<values.length && flag; i++){
					String value = values[i];
					if (value.equals("BenchmarkTest02345")) {
						param = name;
					    flag = false;
					}
				}
			}
		}

		// bar is computed but not read again in this method.
		String bar = doSomething(request, param);
		
	    try {
		    java.util.Random numGen = java.security.SecureRandom.getInstance("SHA1PRNG");
		
		    // Get 40 random bytes
		    byte[] randomBytes = new byte[40];
		    getNextNumber(numGen, randomBytes);
		    
	        String rememberMeKey = org.owasp.esapi.ESAPI.encoder().encodeForBase64(randomBytes, true);
	
			// The user label is a constant plus the test-case number taken from
			// the class name; it does not come from the request.
			String user = "SafeBystander";
			String fullClassName = this.getClass().getName();
			String testCaseNumber = fullClassName.substring(fullClassName.lastIndexOf('.')+1+"BenchmarkTest".length());
			user+= testCaseNumber;
			
			String cookieName = "rememberMe" + testCaseNumber;
			
			// The cookie is accepted only if its value equals the one stored in
			// the session under the same name.
			boolean foundUser = false;
			javax.servlet.http.Cookie[] cookies = request.getCookies();
			if (cookies != null) {
				for (int i = 0; !foundUser && i < cookies.length; i++) {
					javax.servlet.http.Cookie cookie = cookies[i];
					if (cookieName.equals(cookie.getName())) {
						if (cookie.getValue().equals(request.getSession().getAttribute(cookieName))) {
							foundUser = true;
						}
					}
				}
			}

			
			if (foundUser) {
				response.getWriter().println(
"Welcome back: " + user + "<br/>"
);
			} else {			
				javax.servlet.http.Cookie rememberMe = new javax.servlet.http.Cookie(cookieName, rememberMeKey);
				// Secure is set; this method does not call setHttpOnly.
				rememberMe.setSecure(true);
	//			rememberMe.setPath("/benchmark/" + this.getClass().getSimpleName());
				rememberMe.setPath(request.getRequestURI()); // i.e., set path to JUST this servlet 
															 // e.g., /benchmark/sql-01/BenchmarkTest01001
				request.getSession().setAttribute(cookieName, rememberMeKey);
				response.addCookie(rememberMe);
// The token is also echoed into the page body; a production remember-me
// flow would not display it.
response.getWriter().println(
user + " has been remembered with cookie: " + rememberMe.getName() 
						+ " whose value is: " + rememberMe.getValue() + "<br/>"
);
			}    
	    } catch (java.security.NoSuchAlgorithmException e) {
			System.out.println("Problem executing SecureRandom.nextBytes() - TestCase");
			throw new ServletException(e);
	    } finally {
			// Runs on the exception path too, so this line is written even when
			// the generator could not be created.
			response.getWriter().println(
"Randomness Test java.security.SecureRandom.nextBytes(byte[]) executed"
);
	    }
	}
 
源代码16 项目: spacewalk   文件: TraceBackEvent.java
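/**
 * format this message as a string
 *   TODO mmccune - fill out the email properly with the entire
 *                  request values
 *
 * The text contains the request line, date, all request headers, the
 * request's toString(), the form variables of POST requests, the user and
 * the stack trace. Form variables whose name contains "password" (any case)
 * are replaced by HASHES.
 *
 * NOTE(review): header values are copied unfiltered, which includes Cookie
 * and Authorization headers when the client sent them. Confirm whether
 * those should be masked as well before the text is mailed.
 *
 * @return Text of email.
 */
public String toText() {
    StringWriter sw = new StringWriter();
    PrintWriter out = new PrintWriter(sw);
    LocalizationService ls = LocalizationService.getInstance();
    HttpServletRequest request = getRequest();
    User user = getUser();

    if (request != null) {
        out.println(ls.getMessage("traceback message header"));
        out.print(request.getMethod());
        out.println(" " + request.getRequestURI());
        out.println();
        out.print(ls.getMessage("date", getUserLocale()));
        out.print(":");
        out.println(ls.getBasicDate());
        out.print(ls.getMessage("headers", getUserLocale()));
        out.println(":");
        Enumeration e = request.getHeaderNames();
        while (e.hasMoreElements()) {
            String headerName = (String) e.nextElement();
            out.print("  ");
            out.print(headerName);
            out.print(": ");
            out.println(request.getHeader(headerName));
        }
        out.println();
        out.print(ls.getMessage("request", getUserLocale()));
        out.println(":");
        out.println(request.toString());

        if (request.getMethod() != null &&
                request.getMethod().equals("POST")) {
            out.print(ls.getMessage("form variables", getUserLocale()));
            out.println(":");
            Enumeration ne = request.getParameterNames();
            while (ne.hasMoreElements()) {
                String paramName = (String) ne.nextElement();
                out.print("  ");
                out.print(paramName);
                out.print(": ");
                // Mask every password-bearing field, not only the one named
                // exactly "password": confirmation or change-password fields
                // with other names were previously mailed in clear text.
                if (paramName.toLowerCase(java.util.Locale.ROOT).contains("password")) {
                    out.println(HASHES);
                }
                else {
                    out.println(request.getParameter(paramName));
                }
            }
            out.println();
        }
    }
    else {
        out.print(ls.getMessage("date", getUserLocale()));
        out.print(":");
        out.println(ls.getBasicDate());
        out.println();
        out.print(ls.getMessage("request", getUserLocale()));
        out.println(":");
        out.println("No request information");
        out.println();
    }

    out.println();

    out.print(ls.getMessage("user info"));
    out.println(":");
    if (user != null) {
        out.println(user.toString());
    }
    else {
        out.println(ls.getMessage("no user loggedin", getUserLocale()));
    }
    out.println();
    out.print(ls.getMessage("exception", getUserLocale()));
    out.println(":");
    if (throwable != null) {
        throwable.printStackTrace(out);
    }
    else {
        out.println("no throwable");
    }
    out.close();
    return sw.toString();
}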
 
源代码17 项目: wandora   文件: UserManagerAction.java
/**
 * Builds the template context for the user-management view and, depending on
 * the "editaction" request parameter, lists, views, edits, deletes or creates
 * a user in userStore.
 *
 * Returns the context from the superclass extended with "editView", "error"
 * and either "allUsers" or "user"; returns null for an unknown editaction.
 *
 * NOTE(review): this method does not read the method parameter or check the
 * acting user's rights, so the edit, delete and create actions run for any
 * request that reaches it. Presumably access control and CSRF protection are
 * enforced by the caller or the superclass; confirm.
 */
@Override
protected HashMap<String, Object> getTemplateContext(Template template, HttpServletRequest req, HttpMethod method, String action, User user) throws ActionException {
    // A missing or empty editaction falls back to the read-only list.
    String editAction=req.getParameter("editaction");
    if(editAction==null || editAction.length()==0) editAction="userlist";
    
    HashMap<String,Object> params=super.getTemplateContext(template, req, method, action, user);
    
    // Target user name from the request: trimmed, and null when empty.
    String userName=req.getParameter("user");
    if(userName!=null) userName=userName.trim();
    if(userName!=null && userName.length()==0) userName=null;
    
    User userObject=null;
    String view="userlist";
    String error=null;
    try{
        if(editAction.equals("userlist")){
            // no side effects, do nothing
        }
        else if(editAction.equals("viewuser")){
            view="user";
            // just check that the user is valid
            if(userName!=null) userObject=userStore.getUser(userName);
        }
        else if(editAction.equals("edituser") || editAction.equals("edituserlist")){
            view="user";
            if(editAction.equals("edituserlist")) view="userlist";

            if(userName!=null) {
                userObject=userStore.getUser(userName);
                if(userObject!=null){

                    // Apply each setoption / removeoption / addrole / removerole
                    // value to the user. Option keys, option values and role
                    // names are used exactly as sent, after trimming.
                    Enumeration<String> paramNames=req.getParameterNames();
                    while(paramNames.hasMoreElements()){
                        String key=paramNames.nextElement();
                        String[] values=req.getParameterValues(key);
                        for(String value : values){
                            value=value.trim();
                            if(key.equals("setoption")){
                                // "key=value" sets the option; with no '=' the
                                // whole string is the key and the value is empty.
                                int ind=value.indexOf("=");
                                if(ind<0) userObject.setOption(value, "");
                                else {
                                    String k=value.substring(0,ind);
                                    String v=value.substring(ind+1);
                                    userObject.setOption(k,v);
                                }
                            }
                            else if(key.equals("removeoption")){
                                userObject.removeOption(value);
                            }
                            else if(key.equals("addrole")){
                                userObject.addRole(value);
                            }
                            else if(key.equals("removerole")){
                                userObject.removeRole(value);
                            }
                        }
                    }
                    if(!userObject.saveUser()) error="NOEDIT";
                }
            }
        }
        else if(editAction.equals("deleteuser")){
            if(userName!=null) {
                if(!userStore.deleteUser(userName)) error="NODELETE";
            }
        }
        else if(editAction.equals("newuser")){
            view="user";
            if(userName!=null) {
                userObject=userStore.newUser(userName);
                if(userObject==null) error="NONEW";
            }
        }
        else return null;
        
        // A single-user view without a resolved user falls back to the list.
        if(view.equals("user") && userObject==null) {
            if(error==null) error="INVALIDUSER";
            view="userlist";
        }

        if(view.equals("userlist")){
            params.put("allUsers",userStore.getAllUsers());
        }
        else {
            params.put("user",userObject);
        }
        
    }catch(UserStoreException use){
        // Store failures are reported as an error code; the exception is not
        // logged or rethrown here.
        if(error==null) error="USERSTORE";
    }
            
    params.put("editView",view);
    params.put("error",error);
    
    return params;
}
 
源代码18 项目: Benchmark   文件: BenchmarkTest00580.java
/**
 * OWASP Benchmark test case; its final message calls it a weak-randomness
 * test on SecureRandom.nextDouble. It issues a "remember me" cookie whose
 * value is the decimal digits of one random double, and recognises the cookie
 * on later requests by comparing it with the copy kept in the session.
 *
 * <p>This is a fixture for security-analysis tools, so the code is left as
 * written.
 */
@Override
	public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
		response.setContentType("text/html;charset=UTF-8");
	
		// Source: the NAME of the first parameter whose value equals the
		// test-case id.
		String param = "";
		boolean flag = true;
		java.util.Enumeration<String> names = request.getParameterNames();
		while (names.hasMoreElements() && flag) {
			String name = (String) names.nextElement();		    	
			String[] values = request.getParameterValues(name);
			if (values != null) {
				for(int i=0;i<values.length && flag; i++){
					String value = values[i];
					if (value.equals("BenchmarkTest00580")) {
						param = name;
					    flag = false;
					}
				}
			}
		}
		
		
		// Base64-encoding and then decoding leaves the bytes unchanged;
		// getBytes() and new String() use the platform default charset.
		// bar is not read again in this method.
		String bar = "";
		if (param != null) {
			bar = new String( org.apache.commons.codec.binary.Base64.decodeBase64(
			org.apache.commons.codec.binary.Base64.encodeBase64( param.getBytes() ) ));
		}
		
		
		try {
			// The key is derived from a single double, which carries at most
			// 53 random bits. A production token would be drawn as bytes with
			// nextBytes instead.
			double rand = java.security.SecureRandom.getInstance("SHA1PRNG").nextDouble();
			
			String rememberMeKey = Double.toString(rand).substring(2); // Trim off the 0. at the front.
			
			// The user label is a constant plus the test-case number taken from
			// the class name; it does not come from the request.
			String user = "SafeDonna";
			String fullClassName = this.getClass().getName();
			String testCaseNumber = fullClassName.substring(fullClassName.lastIndexOf('.')+1+"BenchmarkTest".length());
			user+= testCaseNumber;
			
			String cookieName = "rememberMe" + testCaseNumber;
			
			// The cookie is accepted only if its value equals the one stored in
			// the session under the same name.
			boolean foundUser = false;
			javax.servlet.http.Cookie[] cookies = request.getCookies();
			if (cookies != null) {
				for (int i = 0; !foundUser && i < cookies.length; i++) {
					javax.servlet.http.Cookie cookie = cookies[i];
					if (cookieName.equals(cookie.getName())) {
						if (cookie.getValue().equals(request.getSession().getAttribute(cookieName))) {
							foundUser = true;
						}
					}
				}
			}

			
			if (foundUser) {
				response.getWriter().println(
"Welcome back: " + user + "<br/>"
);
			
			} else {			
				javax.servlet.http.Cookie rememberMe = new javax.servlet.http.Cookie(cookieName, rememberMeKey);
				// Secure is set; this method does not call setHttpOnly.
				rememberMe.setSecure(true);
	//			rememberMe.setPath("/benchmark/" + this.getClass().getSimpleName());
				rememberMe.setPath(request.getRequestURI()); // i.e., set path to JUST this servlet 
															 // e.g., /benchmark/sql-01/BenchmarkTest01001
				request.getSession().setAttribute(cookieName, rememberMeKey);
response.addCookie(rememberMe);
// The token is also echoed into the page body; a production remember-me
// flow would not display it.
response.getWriter().println(
user + " has been remembered with cookie: " + rememberMe.getName() 
						+ " whose value is: " + rememberMe.getValue() + "<br/>"
);
			}
	    } catch (java.security.NoSuchAlgorithmException e) {
			System.out.println("Problem executing SecureRandom.nextDouble() - TestCase");
			throw new ServletException(e);
	    }
		response.getWriter().println(
"Weak Randomness Test java.security.SecureRandom.nextDouble() executed"
);
	}
 
源代码19 项目: Benchmark   文件: BenchmarkTest00574.java
/**
 * OWASP Benchmark test case (the "cmdi" message below suggests the
 * command-injection group). The NAME of the first request parameter whose
 * value equals the test-case id is used, unchanged, as the environment of a
 * child process.
 *
 * <p>The data flow is a deliberate fixture for security-analysis tools, so the
 * code is left as written.
 */
@Override
public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
	response.setContentType("text/html;charset=UTF-8");

	// Source: parameter names are as client-controlled as parameter values.
	String param = "";
	boolean flag = true;
	java.util.Enumeration<String> names = request.getParameterNames();
	while (names.hasMoreElements() && flag) {
		String name = (String) names.nextElement();		    	
		String[] values = request.getParameterValues(name);
		if (values != null) {
			for(int i=0;i<values.length && flag; i++){
				String value = values[i];
				if (value.equals("BenchmarkTest00574")) {
					param = name;
				    flag = false;
				}
			}
		}
	}
	
	
	String bar;
	
	// Simple ? condition that assigns param to bar on false condition
	// (7*42) - 106 is 188, which is not greater than 200, so bar is always
	// param: the request-derived value passes through unmodified.
	int num = 106;
	
	bar = (7*42) - num > 200 ? "This should never happen" : param;
	
	
	
	// The command string comes from a Benchmark helper, not from the request.
	String cmd = org.owasp.benchmark.helpers.Utils.getInsecureOSCommandString(this.getClass().getClassLoader());
       
	String[] argsEnv = { bar };
	Runtime r = Runtime.getRuntime();

	try {
		// Sink: the second argument of Runtime.exec(String, String[]) is envp,
		// so the parameter name is the child's whole environment.
		Process p = r.exec(cmd, argsEnv);
		org.owasp.benchmark.helpers.Utils.printOSCommandResults(p, response);
	} catch (IOException e) {
		System.out.println("Problem executing cmdi - TestCase");
		// The exception text is HTML-encoded before it is written to the
		// text/html response.
		response.getWriter().println(
		  org.owasp.esapi.ESAPI.encoder().encodeForHTML(e.getMessage())
		);
		return;
	}
}
 
源代码20 项目: Benchmark   文件: BenchmarkTest00595.java
/**
 * OWASP Benchmark test case. The NAME of the first request parameter whose
 * value equals the test-case id is concatenated, unchanged, into the PASSWORD
 * literal of a SQL query that is then prepared and executed.
 *
 * <p>The data flow is a deliberate fixture for security-analysis tools, so the
 * code is left as written.
 */
@Override
	public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
		response.setContentType("text/html;charset=UTF-8");
	
		// Source: parameter names are as client-controlled as parameter values.
		String param = "";
		boolean flag = true;
		java.util.Enumeration<String> names = request.getParameterNames();
		while (names.hasMoreElements() && flag) {
			String name = (String) names.nextElement();		    	
			String[] values = request.getParameterValues(name);
			if (values != null) {
				for(int i=0;i<values.length && flag; i++){
					String value = values[i];
					if (value.equals("BenchmarkTest00595")) {
						param = name;
					    flag = false;
					}
				}
			}
		}
		
		
		String bar;
		
		// Simple ? condition that assigns param to bar on false condition
		// (7*42) - 106 is 188, which is not greater than 200, so bar is always
		// param: the request-derived value passes through unmodified.
		int num = 106;
		
		bar = (7*42) - num > 200 ? "This should never happen" : param;
		
		
		
		// Sink: USERNAME is a bound placeholder, but bar is spliced into the
		// statement text, so preparing the statement does not protect that
		// part. The safe form binds both values with '?'.
		String sql = "SELECT * from USERS where USERNAME=? and PASSWORD='"+ bar +"'";
				
		try {
			java.sql.Connection connection = org.owasp.benchmark.helpers.DatabaseHelper.getSqlConnection();
			java.sql.PreparedStatement statement = connection.prepareStatement( sql, new String[] {"Column1","Column2"} );
			statement.setString(1, "foo");
			statement.execute();
            org.owasp.benchmark.helpers.DatabaseHelper.printResults(statement, sql, response);
		} catch (java.sql.SQLException e) {
			// With hideSQLErrors set, the client gets only a generic message;
			// otherwise the SQLException is rethrown inside a ServletException.
			if (org.owasp.benchmark.helpers.DatabaseHelper.hideSQLErrors) {
        		response.getWriter().println(
"Error processing request."
);
        		return;
        	}
			else throw new ServletException(e);
		}
	}