hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-21 03:06:31 +01:00
Code Issues Packages Projects Releases Wiki Activity

Update csrfComparison.java

Browse Source
This commit is contained in:
ahmed532009
2022-02-11 16:35:41 +01:00
committed by Chris Smowton
parent 333130b2a4
commit aa488e532f
1 changed files with 2 additions and 27 deletions
Download Patch File Download Diff File Expand all files Collapse all files

29
java/ql/src/experimental/Security/CWE/CWE-208/csrfComparison.java
View File

@@ -1,40 +1,15 @@
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.Cookie;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
public boolean validateCsrfTokenInRequest(HttpServletRequest request) {
if (cookies != null) {
for (Cookie cookie : cookies) {
if (cookie.getName().equals(CSRF-TOKEN){
csrfCookieValue = cookie.getValue();
}
}
}
if (UnsafecsrfComparison(csrfCookieValue)) { // BAD
return true;
}
}
private boolean UnsafecsrfComparison(String csrfTokenInCookie) {
if(csrfTokenInCookie == null || !csrfTokenInCookie.equals(request.getHeader("X-CSRF-TOKEN"))) { // BAD
return false;
}
}
public boolean validateCsrfTokenInRequest(HttpServletRequest request) {
if (cookies != null) {
for (Cookie cookie : cookies) {
if (cookie.getName().equals(CSRF-TOKEN){
csrfCookieValue = cookie.getValue();
}
}
}
if (safecsrfComparison(csrfCookieValue)) { // GOOD
return true;
}
}
private boolean safecsrfComparison(String csrfTokenInCookie) {
String csrfTokenInRequest = request.getHeader("X-CSRF-TOKEN");
if (csrfTokenInRequest == null || !MessageDigest.isEqual(