hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 17:23:36 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
alexet/avoid-path-node-java
codeql/java/ql/test/query-tests/security/CWE-918/JakartaWsSSRF.java
Nora Dimitrijević aac4f63e9a Java: convert RequestForgery test to .qlref
2025-06-24 16:42:32 +02:00

19 lines
577 B
Java
Raw Permalink Blame History

import jakarta.ws.rs.client.*;
import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
public class JakartaWsSSRF extends HttpServlet {
protected void doGet(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
Client client = ClientBuilder.newClient();
String url = request.getParameter("url"); // $ Source
client.target(url); // $ Alert
}
}
Reference in New Issue View Git Blame Copy Permalink