2.19.0 upgrade

Dilan Bhalla
2024-09-18 14:28:42 -07:00
parent 8fd89829cc
commit 14ce258807
3011 changed files with 130171 additions and 76847 deletions


@@ -0,0 +1,22 @@
#Eclipse
.classpath
.project
test-output
.settings
#IntelliJ
*.iml
*.ipr
*.iws
.idea/
#Gradle
.gradle
#Build directories
bin/
build/
target/
#Maven
*.versionsBackup


@@ -0,0 +1 @@
Modified version of https://github.com/find-sec-bugs/find-sec-bugs-demos/tree/84274ed6c47ed4627fd13be6ac099dd9fb66f3c8/java-web-jsp


@@ -0,0 +1,306 @@
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>com.h3xstream.test</groupId>
<artifactId>vulnerable-jsp-app</artifactId>
<version>1.0.0-SNAPSHOT</version>
<packaging>war</packaging>
<name>Vulnerable JSP Application</name>
<description>
This is a demo application used to display the typical configuration required to precompiled JSP.
This application also contains vulnerable samples. DO NOT used this project's code as example.
</description>
<properties>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<jetty-version>9.3.3.v20150827</jetty-version>
<spring.version>4.0.2.RELEASE</spring.version>
<!--<sonar.language></sonar.language>-->
</properties>
<dependencies>
<!-- Servlet API -->
<dependency>
<groupId>javax.servlet</groupId>
<artifactId>javax.servlet-api</artifactId>
<version>3.1.0</version>
</dependency>
<!-- Jetty -->
<dependency>
<groupId>org.eclipse.jetty</groupId>
<artifactId>jetty-annotations</artifactId>
<version>${jetty-version}</version>
</dependency>
<dependency>
<groupId>org.eclipse.jetty</groupId>
<artifactId>jetty-webapp</artifactId>
<version>${jetty-version}</version>
</dependency>
<dependency>
<groupId>org.eclipse.jetty</groupId>
<artifactId>apache-jsp</artifactId>
<version>${jetty-version}</version>
<type>jar</type>
</dependency>
<dependency>
<groupId>org.eclipse.jetty</groupId>
<artifactId>apache-jstl</artifactId>
<version>${jetty-version}</version>
<type>pom</type>
</dependency>
<!-- Spring Web MVC (Include Tag Lib) -->
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-webmvc</artifactId>
<version>${spring.version}</version>
<type>jar</type>
</dependency>
<!-- OWASP Java Encoder -->
<dependency>
<groupId>org.owasp.encoder</groupId>
<artifactId>encoder</artifactId>
<version>1.2</version>
</dependency>
<dependency>
<groupId>org.owasp.encoder</groupId>
<artifactId>encoder-jsp</artifactId>
<version>1.2</version>
</dependency>
</dependencies>
<profiles>
<!-- Compilation of the JSP with Weblogic 12.1.3.0 -->
<profile>
<id>weblogic1213Jsp</id>
<activation>
<activeByDefault>false</activeByDefault>
</activation>
<build>
<plugins>
<plugin>
<!-- This is the configuration for the
weblogic-maven-plugin
-->
<groupId>com.oracle.weblogic</groupId>
<artifactId>wls-maven-plugin</artifactId>
<version>12.1.3.0</version>
<configuration>
<middlewareHome>C:/Oracle/Middleware/Oracle_Home</middlewareHome>
</configuration>
<executions>
<!-- Execute the appc goal during the package phase -->
<execution>
<id>wls-appc</id>
<phase>package</phase>
<goals>
<goal>appc</goal>
</goals>
<configuration>
<continueCompilation>true</continueCompilation>
<writeInferredDescriptors>true</writeInferredDescriptors>
<commentary>true</commentary>
<lineNumbers>true</lineNumbers>
<verboseJavac>true</verboseJavac>
<idlVerbose>true</idlVerbose>
<source>${project.build.directory}/${project.artifactId}-${project.version}.${project.packaging}</source>
</configuration>
</execution>
</executions>
</plugin>
</plugins>
</build>
</profile>
<!-- Compilation of the JSP with Jetty 9.4.20 -->
<profile>
<id>jetty9420Jsp</id>
<activation>
<activeByDefault>false</activeByDefault>
</activation>
<build>
<plugins>
<plugin>
<groupId>org.eclipse.jetty</groupId>
<artifactId>jetty-jspc-maven-plugin</artifactId>
<version>9.4.20.v20190813</version> <!-- Latest version -->
<executions>
<execution>
<id>jspc</id>
<goals>
<goal>jspc</goal>
</goals>
<configuration>
<jspc>
<smapSuppressed>false</smapSuppressed>
<smapDumped>true</smapDumped>
</jspc>
<keepSources>true</keepSources>
<useProvidedScope>true</useProvidedScope>
</configuration>
</execution>
</executions>
</plugin>
</plugins>
</build>
</profile>
<!-- Compilation of the JSP with Jetty 9.3.6 -->
<profile>
<id>jetty936Jsp</id>
<activation>
<activeByDefault>false</activeByDefault>
</activation>
<build>
<plugins>
<plugin>
<groupId>org.eclipse.jetty</groupId>
<artifactId>jetty-jspc-maven-plugin</artifactId>
<version>9.3.6.v20151106</version>
<executions>
<execution>
<id>jspc</id>
<goals>
<goal>jspc</goal>
</goals>
<configuration>
<jspc>
<smapSuppressed>false</smapSuppressed>
<smapDumped>true</smapDumped>
</jspc>
<keepSources>true</keepSources>
<useProvidedScope>true</useProvidedScope>
</configuration>
</execution>
</executions>
</plugin>
</plugins>
</build>
</profile>
<!-- Compilation of the JSP with Jetty 9.0.7 -->
<profile>
<id>jetty907Jsp</id>
<activation>
<activeByDefault>false</activeByDefault>
</activation>
<build>
<plugins>
<plugin>
<groupId>org.eclipse.jetty</groupId>
<artifactId>jetty-jspc-maven-plugin</artifactId>
<version>9.0.7.v20131107</version>
<executions>
<execution>
<id>jspc</id>
<goals>
<goal>jspc</goal>
</goals>
<configuration>
<suppressSmap>false</suppressSmap>
<useProvidedScope>true</useProvidedScope>
</configuration>
</execution>
</executions>
</plugin>
</plugins>
</build>
</profile>
<!-- Compilation of the JSP with Tomcat -->
<profile>
<id>tomcat8Jsp</id>
<activation>
<activeByDefault>false</activeByDefault>
</activation>
<build>
<plugins>
<plugin>
<groupId>io.leonard.maven.plugins</groupId>
<artifactId>jspc-maven-plugin</artifactId>
<version>3.2.0</version>
<executions>
<execution>
<goals>
<goal>compile</goal>
</goals>
</execution>
</executions>
</plugin>
</plugins>
</build>
</profile>
</profiles>
<build>
<plugins>
<!-- Compilation with Java 8 -->
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-compiler-plugin</artifactId>
<version>3.10.1</version>
<configuration>
<source>1.8</source>
<target>1.8</target>
</configuration>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-war-plugin</artifactId>
<version>3.3.2</version>
</plugin>
<!-- SpotBugs Static Analysis -->
<plugin>
<groupId>com.github.spotbugs</groupId>
<artifactId>spotbugs-maven-plugin</artifactId>
<version>3.1.12</version>
<configuration>
<effort>Max</effort>
<threshold>Low</threshold>
<failOnError>true</failOnError>
<includeFilterFile>${session.executionRootDirectory}/spotbugs-security-include.xml</includeFilterFile>
<excludeFilterFile>${session.executionRootDirectory}/spotbugs-security-exclude.xml</excludeFilterFile>
<plugins>
<plugin>
<groupId>com.h3xstream.findsecbugs</groupId>
<artifactId>findsecbugs-plugin</artifactId>
<version>1.9.0</version> <!-- Auto-update to the latest stable -->
</plugin>
</plugins>
</configuration>
</plugin>
</plugins>
</build>
</project>
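Review bot: The comment beside the findsecbugs-plugin dependency, `<!-- Auto-update to the latest stable -->`, contradicts the fixed `<version>1.9.0</version>` on the same line; Maven does not auto-update a pinned version, so either drop the comment or reword it, e.g. `<!-- pinned; bump deliberately when upgrading the scanner -->`. The same mismatch appears on the jetty-jspc-maven-plugin line, where `<!-- Latest version -->` sits beside `9.4.20.v20190813`. The `${session.executionRootDirectory}` include/exclude filter paths only resolve when the build is started from the directory that holds the two filter files; a short comment above those two lines stating that assumption would save a confusing failure when the module is built from elsewhere.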


@@ -0,0 +1,2 @@
<FindBugsFilter>
</FindBugsFilter>


@@ -0,0 +1,5 @@
<FindBugsFilter>
<Match>
<Bug category="SECURITY"/>
</Match>
</FindBugsFilter>


@@ -0,0 +1,41 @@
//
// ========================================================================
// Copyright (c) 1995-2013 Mort Bay Consulting Pty. Ltd.
// ------------------------------------------------------------------------
// All rights reserved. This program and the accompanying materials
// are made available under the terms of the Eclipse Public License v1.0
// and Apache License v2.0 which accompanies this distribution.
//
// The Eclipse Public License is available at
// http://www.eclipse.org/legal/epl-v10.html
//
// The Apache License v2.0 is available at
// http://www.opensource.org/licenses/apache2.0.php
//
// You may elect to redistribute this code under either of these licenses.
// ========================================================================
//
package com.acme;
@SuppressWarnings("serial")
public class Counter implements java.io.Serializable
{
int counter=0;
String last;
public int getCount()
{
counter++;
return counter;
}
public void setLast(String uri) {
last=uri;
}
public String getLast() {
return last;
}
}


@@ -0,0 +1,53 @@
//
// ========================================================================
// Copyright (c) 1995-2013 Mort Bay Consulting Pty. Ltd.
// ------------------------------------------------------------------------
// All rights reserved. This program and the accompanying materials
// are made available under the terms of the Eclipse Public License v1.0
// and Apache License v2.0 which accompanies this distribution.
//
// The Eclipse Public License is available at
// http://www.eclipse.org/legal/epl-v10.html
//
// The Apache License v2.0 is available at
// http://www.opensource.org/licenses/apache2.0.php
//
// You may elect to redistribute this code under either of these licenses.
// ========================================================================
//
package com.acme;
import java.io.IOException;
import java.text.SimpleDateFormat;
import java.util.Date;
import java.util.StringTokenizer;
import javax.servlet.jsp.JspContext;
import javax.servlet.jsp.JspException;
import javax.servlet.jsp.tagext.JspFragment;
import javax.servlet.jsp.tagext.SimpleTagSupport;
public class Date2Tag extends SimpleTagSupport
{
String format;
public void setFormat(String value) {
this.format = value;
}
public void doTag() throws JspException, IOException {
String formatted =
new SimpleDateFormat("long".equals(format)?"EEE 'the' d:MMM:yyyy":"d:MM:yy")
.format(new Date());
StringTokenizer tok = new StringTokenizer(formatted,":");
JspContext context = getJspContext();
context.setAttribute("day", tok.nextToken() );
context.setAttribute("month", tok.nextToken() );
context.setAttribute("year", tok.nextToken() );
JspFragment fragment = getJspBody();
fragment.invoke(null);
}
}


@@ -0,0 +1,36 @@
//
// ========================================================================
// Copyright (c) 1995-2013 Mort Bay Consulting Pty. Ltd.
// ------------------------------------------------------------------------
// All rights reserved. This program and the accompanying materials
// are made available under the terms of the Eclipse Public License v1.0
// and Apache License v2.0 which accompanies this distribution.
//
// The Eclipse Public License is available at
// http://www.eclipse.org/legal/epl-v10.html
//
// The Apache License v2.0 is available at
// http://www.opensource.org/licenses/apache2.0.php
//
// You may elect to redistribute this code under either of these licenses.
// ========================================================================
//
package com.acme;
import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
@SuppressWarnings("serial")
public class DateServlet extends HttpServlet
{
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException
{
req.getRequestDispatcher("/test/tag2.jsp").forward(req,resp);
}
}


@@ -0,0 +1,71 @@
//
// ========================================================================
// Copyright (c) 1995-2013 Mort Bay Consulting Pty. Ltd.
// ------------------------------------------------------------------------
// All rights reserved. This program and the accompanying materials
// are made available under the terms of the Eclipse Public License v1.0
// and Apache License v2.0 which accompanies this distribution.
//
// The Eclipse Public License is available at
// http://www.eclipse.org/legal/epl-v10.html
//
// The Apache License v2.0 is available at
// http://www.opensource.org/licenses/apache2.0.php
//
// You may elect to redistribute this code under either of these licenses.
// ========================================================================
//
package com.acme;
import java.text.SimpleDateFormat;
import java.util.Date;
import java.util.TimeZone;
import javax.servlet.jsp.JspException;
import javax.servlet.jsp.JspTagException;
import javax.servlet.jsp.PageContext;
import javax.servlet.jsp.tagext.BodyContent;
import javax.servlet.jsp.tagext.BodyTagSupport;
import javax.servlet.jsp.tagext.Tag;
@SuppressWarnings("serial")
public class DateTag extends BodyTagSupport
{
Tag parent;
BodyContent body;
String tz="GMT";
public void setParent(Tag parent) {this.parent=parent;}
public Tag getParent() {return parent;}
public void setBodyContent(BodyContent content) {body=content;}
public void setPageContext(PageContext pageContext) {}
public void setTz(String value) {tz=value;}
public int doStartTag() throws JspException {return EVAL_BODY_BUFFERED;}
public int doEndTag() throws JspException {return EVAL_PAGE;}
public void doInitBody() throws JspException {}
public int doAfterBody() throws JspException {
try
{
SimpleDateFormat format = new SimpleDateFormat(body.getString());
format.setTimeZone(TimeZone.getTimeZone(tz));
body.getEnclosingWriter().write(format.format(new Date()));
return SKIP_BODY;
}
catch (Exception ex) {
ex.printStackTrace();
throw new JspTagException(ex.toString());
}
}
public void release()
{
body=null;
}
}
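Review bot: The empty `setPageContext` override in `DateTag` discards the PageContext that `BodyTagSupport` would otherwise store, so the inherited `pageContext` field stays null for anything that later relies on it; removing the override, or delegating with `super.setPageContext(pageContext);`, restores the base-class behaviour. In `doAfterBody` the caught exception's `ex.toString()` is copied into the `JspTagException` message, so the class and message of whatever failed inside `SimpleDateFormat` (including the body text rejected as a pattern) can reach the error page; keep the detail in the log and throw a fixed message such as `throw new JspTagException("Unable to format date");`. `release()` resets `body` but leaves `tz` and `parent` at their last values, which would matter if the container reuses handler instances; resetting `tz` to its default there is a one-line change.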


@@ -0,0 +1,122 @@
//
// ========================================================================
// Copyright (c) 1995-2013 Mort Bay Consulting Pty. Ltd.
// ------------------------------------------------------------------------
// All rights reserved. This program and the accompanying materials
// are made available under the terms of the Eclipse Public License v1.0
// and Apache License v2.0 which accompanies this distribution.
//
// The Eclipse Public License is available at
// http://www.eclipse.org/legal/epl-v10.html
//
// The Apache License v2.0 is available at
// http://www.opensource.org/licenses/apache2.0.php
//
// You may elect to redistribute this code under either of these licenses.
// ========================================================================
//
package com.acme;
import javax.servlet.ServletContextAttributeEvent;
import javax.servlet.ServletContextAttributeListener;
import javax.servlet.ServletContextEvent;
import javax.servlet.ServletContextListener;
import javax.servlet.ServletRequestAttributeEvent;
import javax.servlet.ServletRequestAttributeListener;
import javax.servlet.ServletRequestEvent;
import javax.servlet.ServletRequestListener;
import javax.servlet.http.HttpSessionActivationListener;
import javax.servlet.http.HttpSessionAttributeListener;
import javax.servlet.http.HttpSessionBindingEvent;
import javax.servlet.http.HttpSessionEvent;
import javax.servlet.http.HttpSessionListener;
public class TagListener implements HttpSessionListener, HttpSessionAttributeListener, HttpSessionActivationListener, ServletContextListener, ServletContextAttributeListener, ServletRequestListener, ServletRequestAttributeListener
{
public void attributeAdded(HttpSessionBindingEvent se)
{
//System.err.println("tagListener: attributedAdded "+se);
}
public void attributeRemoved(HttpSessionBindingEvent se)
{
//System.err.println("tagListener: attributeRemoved "+se);
}
public void attributeReplaced(HttpSessionBindingEvent se)
{
//System.err.println("tagListener: attributeReplaced "+se);
}
public void sessionWillPassivate(HttpSessionEvent se)
{
//System.err.println("tagListener: sessionWillPassivate "+se);
}
public void sessionDidActivate(HttpSessionEvent se)
{
//System.err.println("tagListener: sessionDidActivate "+se);
}
public void contextInitialized(ServletContextEvent sce)
{
//System.err.println("tagListener: contextInitialized "+sce);
}
public void contextDestroyed(ServletContextEvent sce)
{
//System.err.println("tagListener: contextDestroyed "+sce);
}
public void attributeAdded(ServletContextAttributeEvent scab)
{
//System.err.println("tagListener: attributeAdded "+scab);
}
public void attributeRemoved(ServletContextAttributeEvent scab)
{
//System.err.println("tagListener: attributeRemoved "+scab);
}
public void attributeReplaced(ServletContextAttributeEvent scab)
{
//System.err.println("tagListener: attributeReplaced "+scab);
}
public void requestDestroyed(ServletRequestEvent sre)
{
//System.err.println("tagListener: requestDestroyed "+sre);
}
public void requestInitialized(ServletRequestEvent sre)
{
//System.err.println("tagListener: requestInitialized "+sre);
}
public void attributeAdded(ServletRequestAttributeEvent srae)
{
//System.err.println("tagListener: attributeAdded "+srae);
}
public void attributeRemoved(ServletRequestAttributeEvent srae)
{
//System.err.println("tagListener: attributeRemoved "+srae);
}
public void attributeReplaced(ServletRequestAttributeEvent srae)
{
//System.err.println("tagListener: attributeReplaced "+srae);
}
public void sessionCreated(HttpSessionEvent se)
{
//System.err.println("tagListener: sessionCreated "+se);
}
public void sessionDestroyed(HttpSessionEvent se)
{
//System.err.println("tagListener: sessionDestroyed "+se);
}
}


@@ -0,0 +1,44 @@
//
// ========================================================================
// Copyright (c) 1995-2013 Mort Bay Consulting Pty. Ltd.
// ------------------------------------------------------------------------
// All rights reserved. This program and the accompanying materials
// are made available under the terms of the Eclipse Public License v1.0
// and Apache License v2.0 which accompanies this distribution.
//
// The Eclipse Public License is available at
// http://www.eclipse.org/legal/epl-v10.html
//
// The Apache License v2.0 is available at
// http://www.opensource.org/licenses/apache2.0.php
//
// You may elect to redistribute this code under either of these licenses.
// ========================================================================
//
package org.eclipse.jetty.demo;
import java.io.IOException;
import java.io.InputStream;
import java.net.URL;
import java.util.logging.LogManager;
public final class LoggingUtil
{
public static void config()
{
ClassLoader cl = Thread.currentThread().getContextClassLoader();
URL url = cl.getResource("logging.properties");
if (url != null)
{
try(InputStream in = url.openStream())
{
LogManager.getLogManager().readConfiguration(in);
}
catch (IOException e)
{
e.printStackTrace(System.err);
}
}
}
}


@@ -0,0 +1,277 @@
//
// ========================================================================
// Copyright (c) 1995-2013 Mort Bay Consulting Pty. Ltd.
// ------------------------------------------------------------------------
// All rights reserved. This program and the accompanying materials
// are made available under the terms of the Eclipse Public License v1.0
// and Apache License v2.0 which accompanies this distribution.
//
// The Eclipse Public License is available at
// http://www.eclipse.org/legal/epl-v10.html
//
// The Apache License v2.0 is available at
// http://www.opensource.org/licenses/apache2.0.php
//
// You may elect to redistribute this code under either of these licenses.
// ========================================================================
//
package org.eclipse.jetty.demo;
import java.io.File;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.net.URI;
import java.net.URISyntaxException;
import java.net.URL;
import java.net.URLClassLoader;
import java.util.ArrayList;
import java.util.List;
import java.util.logging.Level;
import java.util.logging.Logger;
import org.eclipse.jetty.jsp.JettyJspServlet;
import org.apache.tomcat.InstanceManager;
import org.apache.tomcat.SimpleInstanceManager;
import org.eclipse.jetty.annotations.ServletContainerInitializersStarter;
import org.eclipse.jetty.apache.jsp.JettyJasperInitializer;
import org.eclipse.jetty.plus.annotation.ContainerInitializer;
import org.eclipse.jetty.server.ConnectionFactory;
import org.eclipse.jetty.server.Server;
import org.eclipse.jetty.server.ServerConnector;
import org.eclipse.jetty.servlet.DefaultServlet;
import org.eclipse.jetty.servlet.ServletHolder;
import org.eclipse.jetty.util.log.JavaUtilLog;
import org.eclipse.jetty.util.log.Log;
import org.eclipse.jetty.webapp.WebAppContext;
import com.acme.DateServlet;
/**
* Example of using JSP's with embedded jetty and not requiring
* all of the overhead of a WebAppContext
*/
public class Main
{
// Resource path pointing to where the WEBROOT is
private static final String WEBROOT_INDEX = "/WEB-INF/..";
public static void main(String[] args) throws Exception
{
int port = 9999;
LoggingUtil.config();
Log.setLog(new JavaUtilLog());
Main main = new Main(port);
main.start();
main.waitForInterrupt();
}
private static final Logger LOG = Logger.getLogger(Main.class.getName());
private int port;
private Server server;
private URI serverURI;
public Main(int port)
{
this.port = port;
}
public URI getServerURI()
{
return serverURI;
}
public void start() throws Exception
{
server = new Server();
ServerConnector connector = connector();
server.addConnector(connector);
URI baseUri = getWebRootResourceUri();
// Set JSP to use Standard JavaC always
System.setProperty("org.apache.jasper.compiler.disablejsr199", "false");
WebAppContext webAppContext = getWebAppContext(baseUri, getScratchDir());
server.setHandler(webAppContext);
// Start Server
server.start();
// Show server state
if (LOG.isLoggable(Level.FINE))
{
LOG.fine(server.dump());
}
this.serverURI = getServerUri(connector);
}
private ServerConnector connector()
{
ServerConnector connector = new ServerConnector(server);
connector.setPort(port);
return connector;
}
private URI getWebRootResourceUri() throws FileNotFoundException, URISyntaxException
{
URL indexUri = this.getClass().getResource("/");
if (indexUri == null)
{
throw new FileNotFoundException("Unable to find resource " + WEBROOT_INDEX);
}
// Points to wherever /webroot/ (the resource) is
//return indexUri.toURI();
return new URI(indexUri.getPath()+"../../src/main/webapp");
}
/**
* Establish Scratch directory for the servlet context (used by JSP compilation)
*/
private File getScratchDir() throws IOException
{
File tempDir = new File(System.getProperty("java.io.tmpdir"));
File scratchDir = new File(tempDir.toString(), "embedded-jetty-jsp");
if (!scratchDir.exists())
{
if (!scratchDir.mkdirs())
{
throw new IOException("Unable to create scratch directory: " + scratchDir);
}
}
return scratchDir;
}
/**
* Setup the basic application "context" for this application at "/"
* This is also known as the handler tree (in jetty speak)
*/
private WebAppContext getWebAppContext(URI baseUri, File scratchDir)
{
WebAppContext context = new WebAppContext();
context.setContextPath("/");
context.setAttribute("javax.servlet.context.tempdir", scratchDir);
context.setAttribute("org.eclipse.jetty.server.webapp.ContainerIncludeJarPattern",
".*/[^/]*servlet-api-[^/]*\\.jar$|.*/javax.servlet.jsp.jstl-.*\\.jar$|.*/.*taglibs.*\\.jar$");
context.setResourceBase(baseUri.toASCIIString());
context.setAttribute("org.eclipse.jetty.containerInitializers", jspInitializers());
context.setAttribute(InstanceManager.class.getName(), new SimpleInstanceManager());
context.addBean(new ServletContainerInitializersStarter(context), true);
context.setClassLoader(getUrlClassLoader());
context.addServlet(jspServletHolder(), "*.jsp");
// Add Application Servlets
context.addServlet(DateServlet.class, "/date/");
context.addServlet(exampleJspFileMappedServletHolder(), "/test/foo/");
context.addServlet(defaultServletHolder(baseUri), "/");
return context;
}
/**
* Ensure the jsp engine is initialized correctly
*/
private List<ContainerInitializer> jspInitializers()
{
JettyJasperInitializer sci = new JettyJasperInitializer();
ContainerInitializer initializer = new ContainerInitializer(sci, null);
List<ContainerInitializer> initializers = new ArrayList<ContainerInitializer>();
initializers.add(initializer);
return initializers;
}
/**
* Set Classloader of Context to be sane (needed for JSTL)
* JSP requires a non-System classloader, this simply wraps the
* embedded System classloader in a way that makes it suitable
* for JSP to use
*/
private ClassLoader getUrlClassLoader()
{
ClassLoader jspClassLoader = new URLClassLoader(new URL[0], this.getClass().getClassLoader());
return jspClassLoader;
}
/**
* Create JSP Servlet (must be named "jsp")
*/
private ServletHolder jspServletHolder()
{
ServletHolder holderJsp = new ServletHolder("jsp", JettyJspServlet.class);
holderJsp.setInitOrder(0);
holderJsp.setInitParameter("logVerbosityLevel", "DEBUG");
holderJsp.setInitParameter("fork", "false");
holderJsp.setInitParameter("xpoweredBy", "false");
holderJsp.setInitParameter("compilerTargetVM", "1.7");
holderJsp.setInitParameter("compilerSourceVM", "1.7");
holderJsp.setInitParameter("keepgenerated", "true");
return holderJsp;
}
/**
* Create Example of mapping jsp to path spec
*/
private ServletHolder exampleJspFileMappedServletHolder()
{
ServletHolder holderAltMapping = new ServletHolder();
holderAltMapping.setName("foo.jsp");
holderAltMapping.setForcedPath("/test/foo/foo.jsp");
return holderAltMapping;
}
/**
* Create Default Servlet (must be named "default")
*/
private ServletHolder defaultServletHolder(URI baseUri)
{
ServletHolder holderDefault = new ServletHolder("default", DefaultServlet.class);
LOG.info("Base URI: " + baseUri);
holderDefault.setInitParameter("resourceBase", baseUri.toASCIIString());
holderDefault.setInitParameter("dirAllowed", "true");
return holderDefault;
}
/**
* Establish the Server URI
*/
private URI getServerUri(ServerConnector connector) throws URISyntaxException
{
String scheme = "http";
for (ConnectionFactory connectFactory : connector.getConnectionFactories())
{
if (connectFactory.getProtocol().equals("SSL-http"))
{
scheme = "https";
}
}
String host = connector.getHost();
if (host == null)
{
host = "localhost";
}
int port = connector.getLocalPort();
serverURI = new URI(String.format("%s://%s:%d/", scheme, host, port));
LOG.info("Server URI: " + serverURI);
return serverURI;
}
public void stop() throws Exception
{
server.stop();
}
/**
* Cause server to keep running until it receives a Interrupt.
* <p>
* Interrupt Signal, or SIGINT (Unix Signal), is typically seen as a result of a kill -TERM {pid} or Ctrl+C
* @throws InterruptedException if interrupted
*/
public void waitForInterrupt() throws InterruptedException
{
server.join();
}
}
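Review bot: The `FileNotFoundException` in `getWebRootResourceUri` reports `WEBROOT_INDEX` (`/WEB-INF/..`) while the lookup on the line above asks the class loader for `"/"`, so a failure names a resource that was never requested; either look up the constant, `URL indexUri = this.getClass().getResource(WEBROOT_INDEX);`, or make the message state what was actually tried. `defaultServletHolder` sets `dirAllowed` to `"true"` and the resource base resolves to `../../src/main/webapp` relative to the class-path root, so directory listings of the source tree are served; that is presumably intended for this local demo, but a comment at that line such as `// directory listings enabled for the demo only; use "false" elsewhere` would make the intent explicit. `jspServletHolder` pins `compilerTargetVM`/`compilerSourceVM` to `1.7` while the pom in this commit compiles with source/target 1.8; if the difference is deliberate, a one-line comment saying why would help the next maintainer.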


@@ -0,0 +1,57 @@
//
// ========================================================================
// Copyright (c) 1995-2013 Mort Bay Consulting Pty. Ltd.
// ------------------------------------------------------------------------
// All rights reserved. This program and the accompanying materials
// are made available under the terms of the Eclipse Public License v1.0
// and Apache License v2.0 which accompanies this distribution.
//
// The Eclipse Public License is available at
// http://www.eclipse.org/legal/epl-v10.html
//
// The Apache License v2.0 is available at
// http://www.opensource.org/licenses/apache2.0.php
//
// You may elect to redistribute this code under either of these licenses.
// ========================================================================
//
package org.eclipse.jetty.demo;
import java.util.logging.Handler;
import java.util.logging.LogRecord;
public class SystemOutHandler extends Handler
{
@Override
public void publish(LogRecord record)
{
StringBuilder buf = new StringBuilder();
buf.append("[").append(record.getLevel().getName()).append("] ");
String logname = record.getLoggerName();
int idx = logname.lastIndexOf('.');
if (idx > 0)
{
logname = logname.substring(idx + 1);
}
buf.append(logname);
buf.append(": ");
buf.append(record.getMessage());
System.out.println(buf.toString());
if (record.getThrown() != null)
{
record.getThrown().printStackTrace(System.out);
}
}
@Override
public void flush()
{
}
@Override
public void close() throws SecurityException
{
}
}
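Review bot: `publish` calls `lastIndexOf('.')` on `record.getLoggerName()` without a null check, and `LogRecord.getLoggerName()` may return null for anonymous loggers, which would throw a NullPointerException from inside the handler; guard it with `String logname = record.getLoggerName() == null ? "" : record.getLoggerName();`. The handler also prints `record.getMessage()` verbatim, so `{0}`-style parameters passed to the logger are never substituted; `new java.util.logging.SimpleFormatter().formatMessage(record)` applies them. The empty `flush` and `close` bodies are reasonable for `System.out`, but a one-line comment stating that nothing is buffered would pre-empt the question.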


@@ -0,0 +1 @@
org.eclipse.jetty.util.log.class=org.eclipse.jetty.util.log.JavaUtilLog


@@ -0,0 +1,4 @@
handlers = org.eclipse.jetty.demo.SystemOutHandler
.level = INFO
#org.eclipse.jetty.level = FINE
#org.apache.level = FINEST


@@ -0,0 +1,28 @@
<?xml version="1.0" encoding="ISO-8859-1" ?>
<!DOCTYPE taglib
PUBLIC "-//Sun Microsystems, Inc.//DTD JSP Tag Library 1.2//EN"
"http://java.sun.com/dtd/web-jsptaglibrary_1_2.dtd">
<taglib>
<tlib-version>1.0</tlib-version>
<jsp-version>1.2</jsp-version>
<short-name>acme</short-name>
<uri>http://www.acme.com/taglib</uri>
<description>taglib example</description>
<listener>
<listener-class>com.acme.TagListener</listener-class>
</listener>
<tag>
<name>date</name>
<tag-class>com.acme.DateTag</tag-class>
<body-content>TAGDEPENDENT</body-content>
<description>Display Date</description>
<attribute>
<name>tz</name>
<required>false</required>
</attribute>
</tag>
</taglib>


@@ -0,0 +1,35 @@
<?xml version="1.0" encoding="UTF-8" ?>
<taglib xmlns="http://java.sun.com/xml/ns/j2ee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee web-jsptaglibrary_2_0.xsd"
version="2.0">
<description>Acme JSP2 tags</description>
<tlib-version>1.0</tlib-version>
<short-name>acme2</short-name>
<uri>http://www.acme.com/taglib2</uri>
<tag>
<description>Simple Date formatting</description>
<name>date2</name>
<tag-class>com.acme.Date2Tag</tag-class>
<body-content>scriptless</body-content>
<variable>
<description>Day of the Month</description>
<name-given>day</name-given>
</variable>
<variable>
<description>Month of the Year</description>
<name-given>month</name-given>
</variable>
<variable>
<description>Year</description>
<name-given>year</name-given>
</variable>
<attribute>
<name>format</name>
<required>true</required>
<rtexprvalue>true</rtexprvalue>
</attribute>
</tag>
</taglib>


@@ -0,0 +1,9 @@
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:mvc="http://www.springframework.org/schema/mvc"
xmlns:context="http://www.springframework.org/schema/context"
xsi:schemaLocation="
http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc-3.0.xsd
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.0.xsd">
</beans>


@@ -0,0 +1 @@
This page should be private.


@@ -0,0 +1,475 @@
<?xml version="1.0" encoding="UTF-8"?>
<taglib xmlns="http://java.sun.com/xml/ns/j2ee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-jsptaglibrary_2_0.xsd"
version="2.0">
<description>Spring Framework JSP Tag Library</description>
<tlib-version>4.0</tlib-version>
<short-name>spring</short-name>
<uri>http://www.springframework.org/tags</uri>
<tag>
<description>
Sets default HTML escape value for the current page.
Overrides a "defaultHtmlEscape" context-param in web.xml, if any.
</description>
<name>htmlEscape</name>
<tag-class>org.springframework.web.servlet.tags.HtmlEscapeTag</tag-class>
<body-content>JSP</body-content>
<attribute>
<description>Set the default value for HTML escaping, to be put
into the current PageContext.</description>
<name>defaultHtmlEscape</name>
<required>true</required>
<rtexprvalue>true</rtexprvalue>
</attribute>
</tag>
<tag>
<description>
Escapes its enclosed body content, applying HTML escaping and/or JavaScript escaping.
The HTML escaping flag participates in a page-wide or application-wide setting
(i.e. by HtmlEscapeTag or a "defaultHtmlEscape" context-param in web.xml).
</description>
<name>escapeBody</name>
<tag-class>org.springframework.web.servlet.tags.EscapeBodyTag</tag-class>
<body-content>JSP</body-content>
<attribute>
<description>Set HTML escaping for this tag, as boolean value. Overrides the
default HTML escaping setting for the current page.</description>
<name>htmlEscape</name>
<required>false</required>
<rtexprvalue>true</rtexprvalue>
</attribute>
<attribute>
<description>Set JavaScript escaping for this tag, as boolean value.
Default is false.</description>
<name>javaScriptEscape</name>
<required>false</required>
<rtexprvalue>true</rtexprvalue>
</attribute>
</tag>
<tag>
<description>
Retrieves the message with the given code, or text if code isn't resolvable.
The HTML escaping flag participates in a page-wide or application-wide setting
(i.e. by HtmlEscapeTag or a "defaultHtmlEscape" context-param in web.xml).
</description>
<name>message</name>
<tag-class>org.springframework.web.servlet.tags.MessageTag</tag-class>
<body-content>JSP</body-content>
<attribute>
<description>A MessageSourceResolvable argument (direct or through JSP EL).
Fits nicely when used in conjunction with Spring's own validation error
classes which all implement the MessageSourceResolvable interface. For
example, this allows you to iterate over all of the errors in a form,
passing each error (using a runtime expression) as the value of this
'message' attribute, thus effecting the easy display of such error
messages.</description>
<name>message</name>
<required>false</required>
<rtexprvalue>true</rtexprvalue>
</attribute>
<attribute>
<description>The code (key) to use when looking up the message.
If code is not provided, the text attribute will be used.</description>
<name>code</name>
<required>false</required>
<rtexprvalue>true</rtexprvalue>
</attribute>
<attribute>
<description>Set optional message arguments for this tag, as a
(comma-)delimited String (each String argument can contain JSP EL),
an Object array (used as argument array), or a single Object (used
as single argument). You can additionally use nested spring:argument
tags.</description>
<name>arguments</name>
<required>false</required>
<rtexprvalue>true</rtexprvalue>
</attribute>
<attribute>
<description>The separator character to be used for splitting the
arguments string value; defaults to a 'comma' (',').</description>
<name>argumentSeparator</name>
<required>false</required>
<rtexprvalue>true</rtexprvalue>
</attribute>
<attribute>
<description>Default text to output when a message for the given code
could not be found. If both text and code are not set, the tag will
output null.</description>
<name>text</name>
<required>false</required>
<rtexprvalue>true</rtexprvalue>
</attribute>
<attribute>
<description>The string to use when binding the result to the page,
request, session or application scope. If not specified, the result
gets outputted to the writer (i.e. typically directly to the JSP).</description>
<name>var</name>
<required>false</required>
<rtexprvalue>true</rtexprvalue>
</attribute>
<attribute>
<description>The scope to use when exporting the result to a variable.
This attribute is only used when var is also set. Possible values are
page, request, session and application.</description>
<name>scope</name>
<required>false</required>
<rtexprvalue>true</rtexprvalue>
</attribute>
<attribute>
<description>Set HTML escaping for this tag, as boolean value.
Overrides the default HTML escaping setting for the current page.</description>
<name>htmlEscape</name>
<required>false</required>
<rtexprvalue>true</rtexprvalue>
</attribute>
<attribute>
<description>Set JavaScript escaping for this tag, as boolean value. Default is false.</description>
<name>javaScriptEscape</name>
<required>false</required>
<rtexprvalue>true</rtexprvalue>
</attribute>
</tag>
<tag>
<description>
Retrieves the theme message with the given code, or text if code isn't resolvable.
The HTML escaping flag participates in a page-wide or application-wide setting
(i.e. by HtmlEscapeTag or a "defaultHtmlEscape" context-param in web.xml).
</description>
<name>theme</name>
<tag-class>org.springframework.web.servlet.tags.ThemeTag</tag-class>
<body-content>JSP</body-content>
<attribute>
<description>A MessageSourceResolvable argument (direct or through JSP EL).</description>
<name>message</name>
<required>false</required>
<rtexprvalue>true</rtexprvalue>
</attribute>
<attribute>
<description>The code (key) to use when looking up the message.
If code is not provided, the text attribute will be used.</description>
<name>code</name>
<required>false</required>
<rtexprvalue>true</rtexprvalue>
</attribute>
<attribute>
<description>Set optional message arguments for this tag, as a
(comma-)delimited String (each String argument can contain JSP EL),
an Object array (used as argument array), or a single Object (used
as single argument). You can additionally use nested spring:argument
tags.</description>
<name>arguments</name>
<required>false</required>
<rtexprvalue>true</rtexprvalue>
</attribute>
<attribute>
<description>The separator character to be used for splitting the
arguments string value; defaults to a 'comma' (',').</description>
<name>argumentSeparator</name>
<required>false</required>
<rtexprvalue>true</rtexprvalue>
</attribute>
<attribute>
<description>Default text to output when a message for the given code
could not be found. If both text and code are not set, the tag will
output null.</description>
<name>text</name>
<required>false</required>
<rtexprvalue>true</rtexprvalue>
</attribute>
<attribute>
<description>The string to use when binding the result to the page,
request, session or application scope. If not specified, the result
gets outputted to the writer (i.e. typically directly to the JSP).</description>
<name>var</name>
<required>false</required>
<rtexprvalue>true</rtexprvalue>
</attribute>
<attribute>
<description>The scope to use when exporting the result to a variable.
This attribute is only used when var is also set. Possible values are
page, request, session and application.</description>
<name>scope</name>
<required>false</required>
<rtexprvalue>true</rtexprvalue>
</attribute>
<attribute>
<description>Set HTML escaping for this tag, as boolean value.
Overrides the default HTML escaping setting for the current page.</description>
<name>htmlEscape</name>
<required>false</required>
<rtexprvalue>true</rtexprvalue>
</attribute>
<attribute>
<description>Set JavaScript escaping for this tag, as boolean value. Default is false.</description>
<name>javaScriptEscape</name>
<required>false</required>
<rtexprvalue>true</rtexprvalue>
</attribute>
</tag>
<tag>
<description>Argument tag based on the JSTL fmt:param tag. The purpose is to
support arguments inside the spring:message and spring:theme
tags.</description>
<name>argument</name>
<tag-class>org.springframework.web.servlet.tags.ArgumentTag</tag-class>
<body-content>JSP</body-content>
<attribute>
<description>The value of the argument.</description>
<name>value</name>
<required>false</required>
<rtexprvalue>true</rtexprvalue>
<type>java.lang.Object</type>
</attribute>
</tag>
<tag>
<description>
Provides Errors instance in case of bind errors.
The HTML escaping flag participates in a page-wide or application-wide setting
(i.e. by HtmlEscapeTag or a "defaultHtmlEscape" context-param in web.xml).
</description>
<name>hasBindErrors</name>
<tag-class>org.springframework.web.servlet.tags.BindErrorsTag</tag-class>
<body-content>JSP</body-content>
<variable>
<name-given>errors</name-given>
<variable-class>org.springframework.validation.Errors</variable-class>
</variable>
<attribute>
<description>The name of the bean in the request, that needs to be
inspected for errors. If errors are available for this bean, they
will be bound under the 'errors' key.</description>
<name>name</name>
<required>true</required>
<rtexprvalue>true</rtexprvalue>
</attribute>
<attribute>
<description>Set HTML escaping for this tag, as boolean value.
Overrides the default HTML escaping setting for the current page.</description>
<name>htmlEscape</name>
<required>false</required>
<rtexprvalue>true</rtexprvalue>
</attribute>
</tag>
<tag>
<description>
Sets a nested path to be used by the bind tag's path.
</description>
<name>nestedPath</name>
<tag-class>org.springframework.web.servlet.tags.NestedPathTag</tag-class>
<body-content>JSP</body-content>
<variable>
<name-given>nestedPath</name-given>
<variable-class>java.lang.String</variable-class>
</variable>
<attribute>
<description>Set the path that this tag should apply. E.g. 'customer'
to allow bind paths like 'address.street' rather than
'customer.address.street'.</description>
<name>path</name>
<required>true</required>
<rtexprvalue>true</rtexprvalue>
</attribute>
</tag>
<tag>
<description>
Provides BindStatus object for the given bind path.
The HTML escaping flag participates in a page-wide or application-wide setting
(i.e. by HtmlEscapeTag or a "defaultHtmlEscape" context-param in web.xml).
</description>
<name>bind</name>
<tag-class>org.springframework.web.servlet.tags.BindTag</tag-class>
<body-content>JSP</body-content>
<variable>
<name-given>status</name-given>
<variable-class>org.springframework.web.servlet.support.BindStatus</variable-class>
</variable>
<attribute>
<description>The path to the bean or bean property to bind status
information for. For instance account.name, company.address.zipCode
or just employee. The status object will exported to the page scope,
specifically for this bean or bean property</description>
<name>path</name>
<required>true</required>
<rtexprvalue>true</rtexprvalue>
</attribute>
<attribute>
<description>Set whether to ignore a nested path, if any. Default is to not ignore.</description>
<name>ignoreNestedPath</name>
<required>false</required>
<rtexprvalue>true</rtexprvalue>
</attribute>
<attribute>
<description>Set HTML escaping for this tag, as boolean value. Overrides
the default HTML escaping setting for the current page.</description>
<name>htmlEscape</name>
<required>false</required>
<rtexprvalue>true</rtexprvalue>
</attribute>
</tag>
<tag>
<description>
Provides transformation of variables to Strings, using an appropriate
custom PropertyEditor from BindTag (can only be used inside BindTag).
The HTML escaping flag participates in a page-wide or application-wide setting
(i.e. by HtmlEscapeTag or a 'defaultHtmlEscape' context-param in web.xml).
</description>
<name>transform</name>
<tag-class>org.springframework.web.servlet.tags.TransformTag</tag-class>
<body-content>JSP</body-content>
<attribute>
<description>The value to transform. This is the actual object you want
to have transformed (for instance a Date). Using the PropertyEditor that
is currently in use by the 'spring:bind' tag.</description>
<name>value</name>
<required>true</required>
<rtexprvalue>true</rtexprvalue>
</attribute>
<attribute>
<description>The string to use when binding the result to the page,
request, session or application scope. If not specified, the result gets
outputted to the writer (i.e. typically directly to the JSP).</description>
<name>var</name>
<required>false</required>
<rtexprvalue>true</rtexprvalue>
</attribute>
<attribute>
<description>The scope to use when exported the result to a variable.
This attribute is only used when var is also set. Possible values are
page, request, session and application.</description>
<name>scope</name>
<required>false</required>
<rtexprvalue>true</rtexprvalue>
</attribute>
<attribute>
<description>Set HTML escaping for this tag, as boolean value. Overrides
the default HTML escaping setting for the current page.</description>
<name>htmlEscape</name>
<required>false</required>
<rtexprvalue>true</rtexprvalue>
</attribute>
</tag>
<tag>
<description>URL tag based on the JSTL c:url tag. This variant is fully
backwards compatible with the standard tag. Enhancements include support
for URL template parameters.</description>
<name>url</name>
<tag-class>org.springframework.web.servlet.tags.UrlTag</tag-class>
<body-content>JSP</body-content>
<attribute>
<description>The URL to build. This value can include template place holders
that are replaced with the URL encoded value of the named parameter. Parameters
must be defined using the param tag inside the body of this tag.</description>
<name>value</name>
<required>true</required>
<rtexprvalue>true</rtexprvalue>
</attribute>
<attribute>
<description>Specifies a remote application context path. The default is the
current application context path.</description>
<name>context</name>
<required>false</required>
<rtexprvalue>true</rtexprvalue>
</attribute>
<attribute>
<description>The name of the variable to export the URL value to.</description>
<name>var</name>
<required>false</required>
<rtexprvalue>true</rtexprvalue>
</attribute>
<attribute>
<description>The scope for the var. 'application', 'session', 'request' and
'page' scopes are supported. Defaults to page scope. This attribute has no
effect unless the var attribute is also defined.</description>
<name>scope</name>
<required>false</required>
<rtexprvalue>true</rtexprvalue>
</attribute>
<attribute>
<description>Set HTML escaping for this tag, as a boolean value. Overrides the
default HTML escaping setting for the current page.</description>
<name>htmlEscape</name>
<required>false</required>
<rtexprvalue>true</rtexprvalue>
</attribute>
<attribute>
<description>Set JavaScript escaping for this tag, as a boolean value.
Default is false.</description>
<name>javaScriptEscape</name>
<required>false</required>
<rtexprvalue>true</rtexprvalue>
</attribute>
</tag>
<tag>
<description>Parameter tag based on the JSTL c:param tag. The sole purpose is to
support params inside the spring:url tag.</description>
<name>param</name>
<tag-class>org.springframework.web.servlet.tags.ParamTag</tag-class>
<body-content>JSP</body-content>
<attribute>
<description>The name of the parameter.</description>
<name>name</name>
<required>true</required>
<rtexprvalue>true</rtexprvalue>
</attribute>
<attribute>
<description>The value of the parameter.</description>
<name>value</name>
<required>false</required>
<rtexprvalue>true</rtexprvalue>
</attribute>
</tag>
<tag>
<description>Evaluates a Spring expression (SpEL) and either prints the result or assigns it to a variable.</description>
<name>eval</name>
<tag-class>org.springframework.web.servlet.tags.EvalTag</tag-class>
<body-content>JSP</body-content>
<attribute>
<description>The expression to evaluate.</description>
<name>expression</name>
<required>true</required>
<rtexprvalue>true</rtexprvalue>
</attribute>
<attribute>
<description>The name of the variable to export the evaluation result to.</description>
<name>var</name>
<required>false</required>
<rtexprvalue>true</rtexprvalue>
</attribute>
<attribute>
<description>The scope for the var. 'application', 'session', 'request' and
'page' scopes are supported. Defaults to page scope. This attribute has no
effect unless the var attribute is also defined.</description>
<name>scope</name>
<required>false</required>
<rtexprvalue>true</rtexprvalue>
</attribute>
<attribute>
<description>Set HTML escaping for this tag, as a boolean value. Overrides the
default HTML escaping setting for the current page.</description>
<name>htmlEscape</name>
<required>false</required>
<rtexprvalue>true</rtexprvalue>
</attribute>
<attribute>
<description>Set JavaScript escaping for this tag, as a boolean value. Default is false.</description>
<name>javaScriptEscape</name>
<required>false</required>
<rtexprvalue>true</rtexprvalue>
</attribute>
</tag>
</taglib>


@@ -0,0 +1,17 @@
<%--
- Copyright (c) 2002 The Apache Software Foundation. All rights
- reserved.
--%>
<%@ attribute name="color" %>
<%@ attribute name="bgcolor" %>
<%@ attribute name="title" %>
<table border="1" bgcolor="${color}">
<tr>
<td><b>${title}</b></td>
</tr>
<tr>
<td bgcolor="${bgcolor}">
<jsp:doBody/>
</td>
</tr>
</table>
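Review bot: The `color`, `bgcolor` and `title` attributes are written into the markup unescaped (`bgcolor="${color}"`, `<b>${title}</b>`), so the tag is only safe while every caller passes literals as tagfile.jsp does. Since a tag file is reused in contexts it cannot see, escape at the point of output: declare `<%@ taglib prefix="fn" uri="http://java.sun.com/jsp/jstl/functions" %>` and emit `${fn:escapeXml(title)}` (and likewise for the two colour attributes). Note also that the outer `<table>` uses `bgcolor="${color}"` while the inner `<td>` uses `bgcolor="${bgcolor}"`; if that mapping is intentional a short comment would save the next reader a double-take.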


@@ -0,0 +1,9 @@
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" id="WebApp_ID" version="2.5">
<display-name>Vulnerable JSP Application</display-name>
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
</web-app>
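Review bot: `ContextLoaderListener` is registered without a `contextConfigLocation` context-param, so Spring falls back to its default `/WEB-INF/applicationContext.xml`; the path of the empty `<beans>` file added in this commit is not visible here, and if it lives anywhere else the context fails to start. Making the location explicit removes the guesswork: `<context-param><param-name>contextConfigLocation</param-name><param-value>/WEB-INF/applicationContext.xml</param-value></context-param>` (adjusted to wherever the beans file actually is). The descriptor is also declared as Servlet 2.5, which rules out the `<session-config><cookie-config>` hardening available from 3.0 onward; a one-line comment would clarify whether that is deliberate for this demo.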


@@ -0,0 +1,14 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE weblogic-web-app PUBLIC "-//BEA Systems, Inc.//DTD Web Application 8.1//EN" "http://www.bea.com/servers/wls810/dtd/weblogic810-web-jar.dtd" >
<weblogic-web-app>
<jsp-descriptor>
<jsp-param>
<param-name>compileFlags</param-name>
<param-value>-g</param-value>
</jsp-param>
<jsp-param>
<param-name>keepgenerated</param-name>
<param-value>true</param-value>
</jsp-param>
</jsp-descriptor>
</weblogic-web-app>


@@ -0,0 +1,5 @@
<i>Psst <a href="?secret_param=../WEB-INF/secret.jsp">click me</a> or <a href="?secret_param=../WEB-INF/web.xml">click me</a>!</i>
<br/><br/>
<jsp:include page="safe$afe.jsp" />
<jsp:include page="${param.secret_param}" /><%-- This line doesn't compile in weblogic --%>


@@ -0,0 +1,6 @@
<i>Psst <a href="?secret_param=../WEB-INF/secret.jsp">click me</a> or <a href="?secret_param=../WEB-INF/web.xml">click me</a>!</i>
<br/><br/>
<%@include file="${param.secret_param}.jsp"%> <!-- Safe will be evaluate as literal -->
<%-- This line doesn't compile in weblogic --%>
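Review bot: The explanatory note on the `<%@include` line is an HTML comment, so it is sent to every client, while the very next line already uses the JSP comment form that is stripped at translation time. Replace it with `<%-- The include directive's file attribute is not evaluated as EL; the value is used literally --%>`, which also fixes the grammar ("will be evaluate"). The generated class name `$_007bparam_secret_005fparam_007d_jsp` in the expected output later in this commit appears to confirm that literal interpretation.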


@@ -0,0 +1,9 @@
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
<i>Psst <a href="?secret_param=../WEB-INF/secret.jsp">click me</a> or <a href="?secret_param=../WEB-INF/web.xml">click me</a>!</i>
<br/><br/>
<c:if test="${param.secret_param != null}">
<c:import url="${param.secret_param}" />
</c:if>


@@ -0,0 +1,45 @@
<html>
<head>
<title>Embedded Jetty: JSP Examples</title>
</head>
<body>
<h1>Vulnerable JSP pages</h1>
<h2>XSS</h2>
<ul>
<li><a href="/xss/xss0.jsp">XSS 0</a></li>
<li><a href="/xss/xss1.jsp">XSS 1</a></li>
<li><a href="/xss/xss2.jsp">XSS 2</a></li>
<li><a href="/xss/xss3.jsp">XSS 3</a></li>
<li><a href="/xss/xss4.jsp">XSS 4</a></li>
<li><a href="/xss/xss5.jsp">XSS 5</a></li>
</ul>
<h2>XML parsing</h2>
<ul>
<li><a href="/xml/xml1.jsp?xml=<stock><symbol>TKM%3C%2Fsymbol>%3C%2Fstock>">XML 1</a></li>
<li><a href="/xml/xml2.jsp">XML 2</a></li>
</ul>
<h2>XSLT</h2>
<ul>
<li><a href='/xsl/xsl1.jsp?xml=<stock><symbol>TKM%3C%2Fsymbol>%3C%2Fstock>&xslt=%3Cxsl%3Astylesheet%20version%3D"1.0"%0A%20xmlns%3Axsl%3D"http%3A%2F%2Fwww.w3.org%2F1999%2FXSL%2FTransform"%20%20%20%20%20%20%20%20%20%0A%20xmlns%3Art%3D"http%3A%2F%2Fxml.apache.org%2Fxalan%2Fjava%2Fjava.lang.Runtime"%0A%20exclude-result-prefixes%3D"date">%0A%20%20%20%20%20%20%20%20%3Cxsl%3Aoutput%20method%3D"text"%2F>%0A%20%20%20%20%20%20%20%20%3Cxsl%3Atemplate%20match%3D"%2F">%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%3Cxsl%3Atext>Quote%20requested%20for%3A%20%3C%2Fxsl%3Atext>%3Cblink>%3Cxsl%3Avalue-of%20select%3D"stock%2Fsymbol"%2F>%3C%2Fblink>%0A%20%20%20%20%20%20%20%20%3C%2Fxsl%3Atemplate>%0A%3C%2Fxsl%3Astylesheet>'>XSL 1</a></li>
<li><a href='/xsl/xsl2.jsp?xslt=%3Cxsl%3Astylesheet%20version%3D"1.0"%0A%20xmlns%3Axsl%3D"http%3A%2F%2Fwww.w3.org%2F1999%2FXSL%2FTransform"%20%20%20%20%20%20%20%20%20%0A%20xmlns%3Art%3D"http%3A%2F%2Fxml.apache.org%2Fxalan%2Fjava%2Fjava.lang.Runtime"%0A%20exclude-result-prefixes%3D"date">%0A%20%20%20%20%20%20%20%20%3Cxsl%3Aoutput%20method%3D"text"%2F>%0A%20%20%20%20%20%20%20%20%3Cxsl%3Atemplate%20match%3D"%2F">%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%3Cxsl%3Atext>Quote%20requested%20for%3A%20%3C%2Fxsl%3Atext>%3Cblink>%3Cxsl%3Avalue-of%20select%3D"stock%2Fsymbol"%2F>%3C%2Fblink>%0A%20%20%20%20%20%20%20%20%3C%2Fxsl%3Atemplate>%0A%3C%2Fxsl%3Astylesheet>'>XSL 2</a></li>
<li><a href='/xsl/xsl3.jsp?xml=<stock><symbol>TKM%3C%2Fsymbol>%3C%2Fstock>'>XSL 3</a></li>
<li><a href='/xsl/xsl4.jsp'>XSL 4</a></li>
</ul>
<h2>Various JSP samples </h2>
<ul>
<li><a href="test/dump.jsp">JSP 1.2 embedded java</a></li>
<li><a href="test/bean1.jsp">JSP 1.2 Bean demo</a></li>
<li><a href="test/tag.jsp">JSP 1.2 BodyTag demo</a></li>
<li><a href="test/tag2.jsp">JSP 2.0 SimpleTag demo</a></li>
<li><a href="test/tagfile.jsp">JSP 2.0 Tag File demo</a></li>
<li><a href="test/expr.jsp?A=1">JSP 2.0 Tag Expression</a></li>
<li><a href="test/jstl.jsp">JSTL Expression</a></li>
<li><a href="test/foo/">Mapping to &lt;jsp-file&gt;</a></li>
<li><a href="date/">Servlet Forwarding to JSP demo</a></li>
</ul>
</body>
</html>
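Review bot: The link targets mix context-absolute paths (`/xss/xss0.jsp`, `/xml/xml1.jsp`, `/xsl/xsl1.jsp`) with page-relative ones (`test/dump.jsp`, `date/`), so the first group breaks as soon as the application is deployed under a non-root context path; use one form throughout, e.g. `<a href="xss/xss0.jsp">XSS 0</a>`. The page also lists none of the other samples in this commit (the `spring/`, `jstl/` and `include/` pages and `random.jsp`, judging by the generated class names in the expected output), which makes it an incomplete entry point for the demo. The `test/foo/` and `date/` entries depend on servlet or `<jsp-file>` mappings that the web.xml in this commit does not declare; if they come from annotations, a comment saying so would help.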


@@ -0,0 +1,3 @@
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
<c:out value="${param.test_param}"/>


@@ -0,0 +1,3 @@
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
<c:out value="${param.test_param}" escapeXml="true"/>


@@ -0,0 +1,3 @@
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
<c:out value="${param.test_param}" escapeXml="false"/>


@@ -0,0 +1,6 @@
<%@ page import="java.util.Random" %>
<%
Random random = new Random();
%>
<%= random.nextInt() %>


@@ -0,0 +1,20 @@
<%@ taglib prefix="spring" uri="http://www.springframework.org/tags" %>
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
<form method="get" action="">
<input type="text" name="expression" value="1+1"> <input type="submit" value="test">
</form>
<c:set var="expression" value="${param.expression}" scope="request" />
Evaluating ("&#36;{expression}") : <c:out value="${expression}" /><br/>
<br/>
<c:if test="${expression != null}">
Output:
<pre style="background-color:#CCC">
<spring:eval expression="${expression}" var="results" />
<c:out value="${results}" />
</pre>
</c:if>


@@ -0,0 +1,20 @@
<%@ taglib prefix="spring" uri="http://www.springframework.org/tags" %>
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
Change the language:
<form method="get" action="">
<input type="text" name="lang" value="1+1"> <input type="submit" value="test">
</form>
Evaluating ("&#36;{param.lang}") : <c:out value="${param.lang}" /><br/>
<br/>
<c:if test="${param.lang != null}">
Output:
<pre style="background-color:#CCC">
<spring:eval expression="${param.lang}" var="results" />
<c:out value="${results}" />
</pre>
</c:if>


@@ -0,0 +1,20 @@
<%@ taglib prefix="spring" uri="http://www.springframework.org/tags" %>
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
Value is YOLO ?:
<form method="get" action="">
<input type="text" name="value" value="1+1"> <input type="submit" value="test">
</form>
Evaluating ("'&#36;{param.value}'=='YOLO'") : <c:out value="${param.value}" /><br/>
<br/>
<c:if test="${param.value != null}">
Output:
<pre style="background-color:#CCC">
<spring:eval expression="'${param.value}'=='YOLO'" var="results" />
<c:out value="${results}" />
</pre>
</c:if>


@@ -0,0 +1,20 @@
<%@ taglib prefix="spring" uri="http://www.springframework.org/tags" %>
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
Set some value :
<form method="get" action="">
<input type="text" name="value" value="1+1"> <input type="submit" value="test">
</form>
Evaluating ("param.value") : <c:out value="${param.value}" /><br/>
<br/>
<c:if test="${param.value != null}">
Output:
<pre style="background-color:#CCC">
<spring:eval expression="param.value" var="results" />
<c:out value="${results}" />
</pre>
</c:if>


@@ -0,0 +1,15 @@
<html>
<%@ page session="true"%>
<body>
<jsp:useBean id='counter' scope='session' class='com.acme.Counter' type="com.acme.Counter" />
<h1>JSP1.2 Beans: 1</h1>
Counter accessed <jsp:getProperty name="counter" property="count"/> times.<br/>
Counter last accessed by <jsp:getProperty name="counter" property="last"/><br/>
<jsp:setProperty name="counter" property="last" value="<%= request.getRequestURI()%>"/>
<a href="bean2.jsp">Goto bean2.jsp</a>
</body>
</html>
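Review bot: `request.getRequestURI()` is stored in the session-scoped bean and then rendered unescaped through `<jsp:getProperty name="counter" property="last"/>`, so whatever the previous request's path contained is reflected into the page on the next visit; bean2.jsp does the same, and dump.jsp echoes the URI, servlet path, path info and every parameter name and value through raw `<%= %>` expressions. These three are listed under "Various JSP samples" rather than "XSS" in index.jsp, so either they are intended as additional tainted-flow cases and deserve a comment saying so, or the output should be escaped, e.g. `${fn:escapeXml(counter.last)}` with the JSTL functions taglib declared. In dump.jsp the raw `Enumeration e` could be `Enumeration<String>` if the servlet API in use is 3.0 or newer, dropping the cast.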


@@ -0,0 +1,15 @@
<html>
<%@ page session="true"%>
<body>
<jsp:useBean id='counter' scope='session' class='com.acme.Counter' type="com.acme.Counter" />
<h1>JSP1.2 Beans: 2</h1>
Counter accessed <jsp:getProperty name="counter" property="count"/> times.<br/>
Counter last accessed by <jsp:getProperty name="counter" property="last"/><br/>
<jsp:setProperty name="counter" property="last" value="<%= request.getRequestURI()%>"/>
<a href="bean1.jsp">Goto bean1.jsp</a>
</body>
</html>


@@ -0,0 +1,23 @@
<html><head>
<%@ page import="java.util.Enumeration" %>
</head><body>
<h1>JSP Dump</h1>
<table border="1">
<tr><th>Request URI:</th><td><%= request.getRequestURI() %></td></tr>
<tr><th>ServletPath:</th><td><%= request.getServletPath() %></td></tr>
<tr><th>PathInfo:</th><td><%= request.getPathInfo() %></td></tr>
<%
Enumeration e =request.getParameterNames();
while(e.hasMoreElements())
{
String name = (String)e.nextElement();
%>
<tr>
<th>getParameter("<%= name %>")</th>
<td><%= request.getParameter(name) %></td></tr>
<% } %>
</table>
</body></html>


@@ -0,0 +1,23 @@
<html>
<h1>JSP2.0 Expressions</h1>
<table border="1">
<tr><th>Expression</th><th>Result</th></tr>
<tr>
<td>\${param["A"]}</td>
<td>${param["A"]}&nbsp;</td>
</tr><tr>
<td>\${header["host"]}</td>
<td>${header["host"]}</td>
</tr><tr>
<td>\${header["user-agent"]}</td>
<td>${header["user-agent"]}</td>
</tr><tr>
<td>\${1+1}</td>
<td>${1+1}</td>
</tr><tr>
<td>\${param["A"] * 2}</td>
<td>${param["A"] * 2}&nbsp;</td>
</tr>
</table>
</html>


@@ -0,0 +1,15 @@
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
<html>
<head>
</head>
<body>
<h1>FOO Example</h1>
<hr>
<p>A trivial FOO example
<hr>
<c:forEach var="i" begin="1" end="10" step="1">
<c:out value="${i}" />
<br />
</c:forEach>
</body>
</html>


@@ -0,0 +1,15 @@
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
<html>
<head>
</head>
<body>
<h1>JSTL Example</h1>
<hr>
<p>A trivial jstl example
<hr>
<c:forEach var="i" begin="1" end="10" step="1">
<c:out value="${i}" />
<br />
</c:forEach>
</body>
</html>


@@ -0,0 +1,16 @@
<html>
<body>
<%@ taglib uri="http://www.acme.com/taglib" prefix="acme" %>
<small>&lt;acme:date tz="GMT"&gt;EEE, dd/MMM/yyyy HH:mm:ss ZZZ&lt;/acme:date&gt;
==&gt;</small>
<acme:date tz="GMT">EEE, dd/MMM/yyyy HH:mm:ss ZZZ</acme:date>
<br/>
<small>&lt;acme:date tz="EST"&gt;EEE, dd-MMM-yyyy HH:mm:ss ZZZ&lt;/acme:date&gt;
==&gt;</small>
<acme:date tz="EST">EEE, dd-MMM-yyyy HH:mm:ss ZZZ</acme:date>
<br/>
</body>
</html>


@@ -0,0 +1,19 @@
<html>
<body>
<%@ taglib uri="http://www.acme.com/taglib2" prefix="acme" %>
<acme:date2 format="long">
On ${day} of ${month} in the year ${year}
</acme:date2>
<br/>
<acme:date2 format="short">
${day} - ${month} - ${year}
</acme:date2>
<br/>
</body>
</html>


@@ -0,0 +1,37 @@
<%@ taglib prefix="acme" tagdir="/WEB-INF/tags" %>
<html>
<head>
</head>
<body>
<h1>JSP 2.0 Tag File Example</h1>
<hr>
<p>Panel tag created from JSP fragment file in WEB-INF/tags
<hr>
<table border="0">
<tr valign="top">
<td>
<acme:panel color="#ff8080" bgcolor="#ffc0c0" title="Panel 1">
First panel.<br/>
</acme:panel>
</td>
<td>
<acme:panel color="#80ff80" bgcolor="#c0ffc0" title="Panel 2">
Second panel.<br/>
Second panel.<br/>
Second panel.<br/>
Second panel.<br/>
</acme:panel>
</td>
<td>
<acme:panel color="#8080ff" bgcolor="#c0c0ff" title="Panel 3">
Third panel.<br/>
<acme:panel color="#ff80ff" bgcolor="#ffc0ff" title="Inner">
A panel in a panel.
</acme:panel>
Third panel.<br/>
</acme:panel>
</td>
</tr>
</table>
</body>
</html>


@@ -0,0 +1,21 @@
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
<%@ taglib prefix="spring" uri="http://www.springframework.org/tags" %>
JSTL
<c:out value="${param.test_param1}"/>
<c:out value="${param.test_param2}" escapeXml="true"/>
<c:out value="${param.test_param3}" escapeXml="false"/>
JSP include
<%@include file="index.jsp"%>
<c:import url="${param.secret_param}" />
Spring eval
<spring:eval expression="${param.lang}" var="results" />
<c:out value="${results}" />


@@ -0,0 +1,3 @@
<%@ taglib prefix="x" uri="http://java.sun.com/jsp/jstl/xml" %>
<x:parse var="doc" xml="${param.xml}" />
You requested a quote for: <x:out select="$doc/stock/symbol" />


@@ -0,0 +1,3 @@
<%@ taglib prefix="x" uri="http://java.sun.com/jsp/jstl/xml" %>
<x:parse var="doc" xml="<stock><symbol>TKM</symbol></stock>" />
You requested a quote for: <x:out select="$doc/stock/symbol" />


@@ -0,0 +1,2 @@
<%@ taglib prefix="x" uri="http://java.sun.com/jsp/jstl/xml" %>
<x:transform xml="${param.xml}" xslt="${param.xslt}" />


@@ -0,0 +1,2 @@
<%@ taglib prefix="x" uri="http://java.sun.com/jsp/jstl/xml" %>
<x:transform xml="<stock><symbol>TKM</symbol></stock>" xslt="${param.xslt}" />


@@ -0,0 +1,2 @@
<%@ taglib prefix="x" uri="http://java.sun.com/jsp/jstl/xml" %>
<x:transform xml="${param.xml}" xslt='<xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform" exclude-result-prefixes="date"></xsl:stylesheet>' />


@@ -0,0 +1,2 @@
<%@ taglib prefix="x" uri="http://java.sun.com/jsp/jstl/xml" %>
<x:transform xml="<static>SAFE</static>" xslt='<xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform" exclude-result-prefixes="date"></xsl:stylesheet>' />


@@ -0,0 +1,6 @@
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
<p>
Client message:<br/>
<c:out value="${param.test}" escapeXml="false"/>
</p>


@@ -0,0 +1,4 @@
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
<script>
var test = ${param.test};
</script>


@@ -0,0 +1,4 @@
Contact form:<br/>
<textarea>${param.message}</textarea>


@@ -0,0 +1,3 @@
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
Hello <c:out value="${param.test}"/>!


@@ -0,0 +1,7 @@
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
<script>
function hello(param1,param2) {
console.info(param1+" "+param2);
}
var test = hello('<c:out value="${param.test1}"/>','<c:out value="${param.test2}"/>');
</script>


@@ -0,0 +1,11 @@
<%@taglib prefix="e" uri="https://www.owasp.org/index.php/OWASP_Java_Encoder_Project" %>
<h1>${e:forHtml(param.test1)}</h1>
<script>
function hello(param1,param2) {
console.info(param1+" "+param2);
}
var test = hello('${e:forJavaScript(param.test1)}','${e:forJavaScript(param.test2)}');
</script>


@@ -0,0 +1,58 @@
#select
| src/main/java/com/acme/Counter.java:0:0:0:0 | Counter |
| src/main/java/com/acme/Date2Tag.java:0:0:0:0 | Date2Tag |
| src/main/java/com/acme/DateServlet.java:0:0:0:0 | DateServlet |
| src/main/java/com/acme/DateTag.java:0:0:0:0 | DateTag |
| src/main/java/com/acme/TagListener.java:0:0:0:0 | TagListener |
| src/main/java/org/eclipse/jetty/demo/LoggingUtil.java:0:0:0:0 | LoggingUtil |
| src/main/java/org/eclipse/jetty/demo/Main.java:0:0:0:0 | Main |
| src/main/java/org/eclipse/jetty/demo/SystemOutHandler.java:0:0:0:0 | SystemOutHandler |
| target/classes/jsp/WEB_002dINF/secret_jsp.java:0:0:0:0 | secret_jsp |
| target/classes/jsp/include/$_007bparam_secret_005fparam_007d_jsp.java:0:0:0:0 | $_007bparam_secret_005fparam_007d_jsp |
| target/classes/jsp/include/jsp_005finclude_005f1_jsp.java:0:0:0:0 | jsp_005finclude_005f1_jsp |
| target/classes/jsp/include/jsp_005finclude_005f2_005fsafe_jsp.java:0:0:0:0 | jsp_005finclude_005f2_005fsafe_jsp |
| target/classes/jsp/include/jsp_005finclude_005f3_jsp.java:0:0:0:0 | jsp_005finclude_005f3_jsp |
| target/classes/jsp/index_jsp.java:0:0:0:0 | index_jsp |
| target/classes/jsp/jstl/jstl_005fescape_005f1_jsp.java:0:0:0:0 | jstl_005fescape_005f1_jsp |
| target/classes/jsp/jstl/jstl_005fescape_005f2_jsp.java:0:0:0:0 | jstl_005fescape_005f2_jsp |
| target/classes/jsp/jstl/jstl_005fescape_005f3_jsp.java:0:0:0:0 | jstl_005fescape_005f3_jsp |
| target/classes/jsp/random_jsp.java:0:0:0:0 | random_jsp |
| target/classes/jsp/spring/spring_005feval_005f1_jsp.java:0:0:0:0 | spring_005feval_005f1_jsp |
| target/classes/jsp/spring/spring_005feval_005f2_jsp.java:0:0:0:0 | spring_005feval_005f2_jsp |
| target/classes/jsp/spring/spring_005feval_005f3_jsp.java:0:0:0:0 | spring_005feval_005f3_jsp |
| target/classes/jsp/spring/spring_005feval_005f4_005fsafe_jsp.java:0:0:0:0 | spring_005feval_005f4_005fsafe_jsp |
| target/classes/jsp/test/bean1_jsp.java:0:0:0:0 | bean1_jsp |
| target/classes/jsp/test/bean2_jsp.java:0:0:0:0 | bean2_jsp |
| target/classes/jsp/test/dump_jsp.java:0:0:0:0 | dump_jsp |
| target/classes/jsp/test/expr_jsp.java:0:0:0:0 | expr_jsp |
| target/classes/jsp/test/foo/foo_jsp.java:0:0:0:0 | foo_jsp |
| target/classes/jsp/test/jstl_jsp.java:0:0:0:0 | jstl_jsp |
| target/classes/jsp/test/tag2_jsp.java:0:0:0:0 | tag2_jsp |
| target/classes/jsp/test/tag_jsp.java:0:0:0:0 | tag_jsp |
| target/classes/jsp/test/tagfile_jsp.java:0:0:0:0 | tagfile_jsp |
| target/classes/jsp/various_jsp.java:0:0:0:0 | various_jsp |
| target/classes/jsp/xml/xml1_jsp.java:0:0:0:0 | xml1_jsp |
| target/classes/jsp/xml/xml2_jsp.java:0:0:0:0 | xml2_jsp |
| target/classes/jsp/xsl/xsl1_jsp.java:0:0:0:0 | xsl1_jsp |
| target/classes/jsp/xsl/xsl2_jsp.java:0:0:0:0 | xsl2_jsp |
| target/classes/jsp/xsl/xsl3_jsp.java:0:0:0:0 | xsl3_jsp |
| target/classes/jsp/xsl/xsl4_jsp.java:0:0:0:0 | xsl4_jsp |
| target/classes/jsp/xss/xss0_jsp.java:0:0:0:0 | xss0_jsp |
| target/classes/jsp/xss/xss1_jsp.java:0:0:0:0 | xss1_jsp |
| target/classes/jsp/xss/xss2_jsp.java:0:0:0:0 | xss2_jsp |
| target/classes/jsp/xss/xss3_jsp.java:0:0:0:0 | xss3_jsp |
| target/classes/jsp/xss/xss4_jsp.java:0:0:0:0 | xss4_jsp |
| target/classes/jsp/xss/xss5_jsp.java:0:0:0:0 | xss5_jsp |
| target/classes/org/apache/jsp/tag/web/panel_tag.java:0:0:0:0 | panel_tag |
xmlFiles
| pom.xml:0:0:0:0 | pom.xml |
| spotbugs-security-exclude.xml:0:0:0:0 | spotbugs-security-exclude.xml |
| spotbugs-security-include.xml:0:0:0:0 | spotbugs-security-include.xml |
| src/main/webapp/WEB-INF/applicationContext.xml:0:0:0:0 | src/main/webapp/WEB-INF/applicationContext.xml |
| src/main/webapp/WEB-INF/web.xml:0:0:0:0 | src/main/webapp/WEB-INF/web.xml |
| src/main/webapp/WEB-INF/weblogic.xml:0:0:0:0 | src/main/webapp/WEB-INF/weblogic.xml |
| target/vulnerable-jsp-app-1.0.0-SNAPSHOT/WEB-INF/applicationContext.xml:0:0:0:0 | target/vulnerable-jsp-app-1.0.0-SNAPSHOT/WEB-INF/applicationContext.xml |
| target/vulnerable-jsp-app-1.0.0-SNAPSHOT/WEB-INF/web.xml:0:0:0:0 | target/vulnerable-jsp-app-1.0.0-SNAPSHOT/WEB-INF/web.xml |
| target/vulnerable-jsp-app-1.0.0-SNAPSHOT/WEB-INF/weblogic.xml:0:0:0:0 | target/vulnerable-jsp-app-1.0.0-SNAPSHOT/WEB-INF/weblogic.xml |
| target/web.xml:0:0:0:0 | target/web.xml |
| target/webfrag.xml:0:0:0:0 | target/webfrag.xml |


@@ -0,0 +1,4 @@
def test(codeql, java):
codeql.database.create(
command="mvn clean package -P tomcat8Jsp", _env={"CODEQL_EXTRACTOR_JAVA_JSP": "true"}
)
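Review bot: `test` has no docstring saying why the database is built with `mvn clean package -P tomcat8Jsp` and why `CODEQL_EXTRACTOR_JAVA_JSP` is set, even though the expected output in this commit lists generated `target/classes/jsp/*_jsp.java` sources, so the test appears to depend on that profile precompiling the JSPs during the build and on Maven being able to resolve the pom's dependencies. I would add a docstring such as: `"""Build the vendored vulnerable-jsp-app with the tomcat8Jsp profile so the JSPs are precompiled under target/classes/jsp, with CODEQL_EXTRACTOR_JAVA_JSP set, and check that both the handwritten sources and the generated ones are extracted."""`. Whether that environment variable is what turns on extraction of the generated files is inferred from its name and should be confirmed in the docstring.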


@@ -0,0 +1,7 @@
import java
from File f
where f.isSourceFile()
select f
query predicate xmlFiles(XmlFile x) { any() }
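Review bot: `xmlFiles` accepts every `XmlFile` unconditionally, so the expected output carries both `src/main/webapp/WEB-INF/*.xml` and their copies under `target/`, which ties the test to the Maven build layout; if the duplicates are not what the test is meant to check, restricting the predicate, e.g. `query predicate xmlFiles(XmlFile x) { not x.getRelativePath().matches("target/%") }`, would make the expectations less brittle. If the `target/` entries are intentionally verified, a header comment saying so would help. The query also lacks a top comment naming what it verifies; something like `// Lists every source file (including the JSP-generated Java under target/) and every XML file recorded when the database is built with CODEQL_EXTRACTOR_JAVA_JSP set.` would do.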