hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-21 03:06:31 +01:00
Code Issues Packages Projects Releases Wiki Activity

Update ComparingValueOfSensetiveHeader.java

Browse Source
This commit is contained in:
Ahmed Farid
2022-02-21 12:35:03 +01:00
committed by Chris Smowton
parent 4a9ee5826d
commit f758ed0d85
1 changed files with 0 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
java/ql/src/experimental/Security/CWE/CWE-208/ComparingValueOfSensetiveHeader.java
View File

@@ -2,7 +2,6 @@ import javax.servlet.http.HttpServletRequest;
import java.nio.charset.StandardCharsets; import java.nio.charset.StandardCharsets;
import java.security.MessageDigest; import java.security.MessageDigest;
private boolean UnsafecsrfComparison(String csrfTokenInCookie) { private boolean UnsafecsrfComparison(String csrfTokenInCookie) {
if(csrfTokenInCookie == null || !csrfTokenInCookie.equals(request.getHeader("X-CSRF-TOKEN"))) { // BAD if(csrfTokenInCookie == null || !csrfTokenInCookie.equals(request.getHeader("X-CSRF-TOKEN"))) { // BAD
return false; return false;