wangwei
/
bugtest001
Not watched
1
0
Fork 0
Code
Releases 0 Wiki Activity
Issues 0 Pull Requests 0 Datasets Model Cloudbrain
You can not select more than 25 topics Topics must start with a chinese character,a letter or number, can include dashes ('-') and can be up to 35 characters long.
Branch: master
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'master'
${ noResults }
bugtest001/HTTP_Response_Splitting/HTTP_Response_Splitting.java

28 lines
689 B
Raw Permalink Blame History 

  1. package HTTP_Response_Splitting;

  2. 

  3. import javax.servlet.http.HttpServletRequest;

  4. import javax.servlet.http.HttpServletResponse;

  5. 

  6. public class HTTP_Response_Splitting {

  7. 

  8. 	public void bad(HttpServletRequest request,HttpServletResponse response)

  9. 	{

  10. 		String value = request.getParameter("value");

  11. 		String UNIQUE2U ="cookie";

  12. 		

  13. 		response.setHeader("Set-Cookie", UNIQUE2U + "=" + value + "; HttpOnly"); // bad Http响应截断

  14. 			

  15. 	}

  16. 	

  17. 	public void good(HttpServletRequest request,HttpServletResponse response)

  18. 	{

  19. 		String value = "author-cookie";

  20. 		String UNIQUE2U ="cookie";

  21. 		

  22. 		response.setHeader("Set-Cookie", UNIQUE2U + "=" + value + "; HttpOnly");  // good Http响应截断

  23. 			

  24. 	}

  25. 

  26. 

  27. }