Resolved blocker and critical sonar issues. Fixes #347

src/main/java/org/sasanlabs/controller/exception/ControllerExceptionHandler.java

@@ -21,7 +21,7 @@ public class ControllerExceptionHandler extends ResponseEntityExceptionHandler {
 
     private MessageBundle messageBundle;
 
-    private static final transient Logger LOGGER =
+    private static final transient Logger LOG =
             LogManager.getLogger(ControllerExceptionHandler.class);
 
     public ControllerExceptionHandler(MessageBundle messageBundle) {
@@ -31,15 +31,15 @@ public ControllerExceptionHandler(MessageBundle messageBundle) {
     @ExceptionHandler(ControllerException.class)
     public ResponseEntity<String> handleControllerExceptions(
             ControllerException ex, WebRequest request) {
-        LOGGER.error("Controller Exception Occurred :-", ex);
+        LOG.error("Controller Exception Occurred :-", ex);
         return new ResponseEntity<String>(
                 ex.getExceptionStatusCode().getMessage(ex.getArgs(), messageBundle),
                 HttpStatus.INTERNAL_SERVER_ERROR);
     }
 
     @ExceptionHandler(Exception.class)
     public ResponseEntity<String> handleExceptions(Exception ex, WebRequest request) {
-        LOGGER.error("General Exception Occurred :- ", ex);
+        LOG.error("General Exception Occurred :- ", ex);
         return new ResponseEntity<String>(
                 ExceptionStatusCodeEnum.SYSTEM_ERROR.getMessage(null, messageBundle),
                 HttpStatus.INTERNAL_SERVER_ERROR);

src/main/java/org/sasanlabs/internal/utility/FrameworkConstants.java

@@ -5,24 +5,24 @@
  *
  * @author [email protected] KSASAN
  */
-public interface FrameworkConstants {
+public class FrameworkConstants {
 
     // Site map related constants
-    String GENERAL_XML_HEADER = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n";
-    String SITEMAP_URLSET_TAG_START =
+    public static final String GENERAL_XML_HEADER = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n";
+    public static final String SITEMAP_URLSET_TAG_START =
             "<urlset xmlns=\"http://www.sitemaps.org/schemas/sitemap/0.9\" >\n";
-    String SITEMAP_URL_TAG_START = "<url>";
-    String SITEMAP_URL_TAG_END = "</url>";
-    String SITEMAP_LOC_TAG_START = "<loc>";
-    String SITEMAP_LOC_TAG_END = "</loc>";
-    String SITEMAP_URLSET_TAG_END = "</urlset>";
+    public static final String SITEMAP_URL_TAG_START = "<url>";
+    public static final String SITEMAP_URL_TAG_END = "</url>";
+    public static final String SITEMAP_LOC_TAG_START = "<loc>";
+    public static final String SITEMAP_LOC_TAG_END = "</loc>";
+    public static final String SITEMAP_URLSET_TAG_END = "</urlset>";
 
-    String HTTP = "http://";
-    String HTTPS = "https://";
-    String COLON = ":";
-    String SLASH = "/";
-    String NEXT_LINE = "\n";
+    public static final String HTTP = "http://";
+    public static final String HTTPS = "https://";
+    public static final String COLON = ":";
+    public static final String SLASH = "/";
+    public static final String NEXT_LINE = "\n";
 
     // As VulnerableApp is added to each URL hence creating a constant for reference.
-    String VULNERABLE_APP = "VulnerableApp";
+    public static final String VULNERABLE_APP = "VulnerableApp";
 }

src/main/java/org/sasanlabs/service/impl/EndPointsInformationProvider.java

@@ -43,6 +43,8 @@ public class EndPointsInformationProvider implements IEndPointsInformationProvid
 
     int port;
 
+    private static final String APP_TEMPLATES_PATH = "/VulnerableApp/templates/";
+
     public EndPointsInformationProvider(
             EnvUtils envUtils,
             MessageBundle messageBundle,
@@ -148,15 +150,15 @@ private void addFacadeResourceInformation(
                 Arrays.asList(
                         new ResourceURI(
                                 false,
-                                "/VulnerableApp/templates/"
+                                APP_TEMPLATES_PATH
                                         + facadeVulnerabilityDefinition.getName()
                                         + "/"
                                         + template
                                         + ".css",
                                 ResourceType.CSS.name()),
                         new ResourceURI(
                                 false,
-                                "/VulnerableApp/templates/"
+                                APP_TEMPLATES_PATH
                                         + facadeVulnerabilityDefinition.getName()
                                         + "/"
                                         + template
@@ -165,7 +167,7 @@ private void addFacadeResourceInformation(
         resourceInformation.setHtmlResource(
                 new ResourceURI(
                         false,
-                        "/VulnerableApp/templates/"
+                        APP_TEMPLATES_PATH
                                 + facadeVulnerabilityDefinition.getName()
                                 + "/"
                                 + template

src/main/java/org/sasanlabs/service/vulnerability/commandInjection/CommandInjection.java

@@ -161,11 +161,7 @@ public ResponseEntity<GenericVulnerabilityResponseBean<String>> getVulnerablePay
                                         .find()
                                 && !requestEntity.getUrl().toString().toUpperCase().contains("%26")
                                 && !requestEntity.getUrl().toString().toUpperCase().contains("%3B")
-                                        & !requestEntity
-                                                .getUrl()
-                                                .toString()
-                                                .toUpperCase()
-                                                .contains("%7C");
+                                && !requestEntity.getUrl().toString().toUpperCase().contains("%7C");
         return new ResponseEntity<GenericVulnerabilityResponseBean<String>>(
                 new GenericVulnerabilityResponseBean<String>(
                         this.getResponseFromPingCommand(ipAddress, validator.get()).toString(),