
Commit 9f8118e

author
patched.codes[bot]
committed
Patched src/com/ibm/security/appscan/altoromutual/servlet/SurveyServlet.java
1 parent 5b3d533 commit 9f8118e

1 file changed

+28
-5
lines changed


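--- a/src/com/ibm/security/appscan/altoromutual/servlet/SurveyServlet.java
+++ b/src/com/ibm/security/appscan/altoromutual/servlet/SurveyServlet.java
@@ -19,18 +19,22 @@
 package com.ibm.security.appscan.altoromutual.servlet;
 
 import java.io.IOException;
+import java.util.Set;
 
 import javax.servlet.ServletException;
 import javax.servlet.http.HttpServlet;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
+import org.apache.commons.text.StringEscapeUtils;
+
 /**
 * Servlet implementation class SurveyServlet
 * @author Alexei
 */
 public class SurveyServlet extends HttpServlet {
 private static final long serialVersionUID = 1L;
+private static final Set<String> VALID_STEPS = Set.of("a", "b", "c");
 
 /**
 * @see HttpServlet#HttpServlet()
@@ -43,13 +47,19 @@ public SurveyServlet() {
 * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse response)
 */
 protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
-String step = (request.getParameter("step"));
+// Add security headers
+response.setHeader("Content-Security-Policy", "default-src 'self'");
+response.setHeader("X-XSS-Protection", "1; mode=block");
+response.setHeader("X-Content-Type-Options", "nosniff");
+
+// Input validation
+String step = request.getParameter("step");
+if (step == null || !VALID_STEPS.contains(step)) {
+step = "";
+}
 
 String content = null;
 String previousStep = null;
-
-if (step == null)
-step = "";
 
 if (step.equals("a")){
 content = "<h1>Question 1</h1>"+
@@ -63,7 +73,20 @@ else if (step.equals("b")){
 }
 else if (step.equals("c")){
 content = "<h1>Question 3</h1>"+
-"<div width=\"99%\"><p>Are you ... <ul><li><a href=\"survey_questions.jsp?step=d\">Male</a></li><li><a href=\"survey_questions.jsp?step=d\">Female</a></li></ul></p>";
+"<div width=\"99%\"><p>Are you ... <ul><li><a href=\"survey_questions.jsp?step=d\">A current customer</a></li> <li><a href=\"survey_questions.jsp?step=d\">A former customer</a></li> <li><a href=\"survey_questions.jsp?step=d\">Never been a customer</a></li></ul></p></div>";
+previousStep="b";
+}
+
+// Set content type and encoding
+response.setContentType("text/html");
+response.setCharacterEncoding("UTF-8");
+
+// HTML encode all dynamic content before writing to response
+if (content != null) {
+content = StringEscapeUtils.escapeHtml4(content);
+}
+
+response.getWriter().write(content != null ? content : "Invalid step");ions.jsp?step=d\">Male</a></li><li><a href=\"survey_questions.jsp?step=d\">Female</a></li></ul></p>";
 previousStep="b";
 }
 else if (step.equals("d")){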
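Review bot: The added lines 77–89 of the last hunk duplicate the tail of the `step.equals("c")` branch and move the response write into the middle of the if/else chain, while the original context lines 90–91 (`previousStep="b";` and `}`) survive below them — after the new `}` at line 78, the `}` at line 91 closes doGet and `else if (step.equals("d"))` at line 92 is left without a preceding `if`, so this should not compile; dropping lines 77–89 and keeping only the rewritten string at line 76 restores the structure. Even where the write lands, `StringEscapeUtils.escapeHtml4(content)` at line 86 encodes the servlet's own static markup (`<h1>`, `<a href=...>`) into literal text, which breaks the survey rendering without adding protection — the only request-derived value, `step`, is already confined to the allow-list at line 57, so output encoding belongs on untrusted values, not on server-authored HTML. That allow-list omits `"d"` although the links at line 76 and the branch at line 92 still use `step=d`, so the final step now collapses to the empty-step path; `Set.of("a", "b", "c", "d")` would match the branches visible here. `X-XSS-Protection` at line 52 is ignored by current browsers and the CSP at line 51 is the effective control, but `default-src 'self'` will also block any inline script or style the surrounding page relies on — worth confirming against the JSP. doGet continues past the end of the hunk, and the `ions.jsp?step=d...` fragment trailing line 89 looks like a rendering artifact of the removed line 66 rather than code.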
