List of usage examples for javax.servlet.http HttpServletRequest getHeaders
public Enumeration<String> getHeaders(String name);
Enumeration of String objects.
From source file:org.owasp.benchmark.testcode.BenchmarkTest02066.java
/**
 * Copies the first value of the {@code BenchmarkTest02066} request header into a cookie named
 * {@code SomeCookie} (Secure flag on) and prints a confirmation line.
 *
 * <p>The header value is supplied by the client. It is URL-decoded and stored in the cookie
 * unchanged; only the copy written into the HTML response is passed through
 * {@code encodeForHTML}.
 *
 * @param request  the request whose header supplies the cookie value
 * @param response the response that receives the cookie and the confirmation text
 * @throws ServletException declared on the signature; nothing in the visible body throws it directly
 * @throws IOException if reading the input or writing the response fails
 */
@Override
public void doPost(HttpServletRequest request, HttpServletResponse response)
        throws ServletException, IOException {
    response.setContentType("text/html;charset=UTF-8");

    // Only the first value of a possibly repeated header is used.
    java.util.Enumeration<String> headerValues = request.getHeaders("BenchmarkTest02066");
    String param = "";
    if (headerValues != null && headerValues.hasMoreElements()) {
        param = headerValues.nextElement();
    }

    // getHeaders() hands back the raw value, so it is URL-decoded here explicitly.
    param = java.net.URLDecoder.decode(param, "UTF-8");

    // The result is not used anywhere in this method.
    String bar = doSomething(request, param);

    byte[] buffer = new byte[1000];
    String cookieValue = "?";
    Object inputParam = param;
    if (inputParam instanceof String) {
        cookieValue = (String) inputParam;
    }
    if (inputParam instanceof java.io.InputStream) {
        // Not reachable with a String source; kept because the block is written generically.
        int bytesRead = ((java.io.InputStream) inputParam).read(buffer);
        if (bytesRead == -1) {
            response.getWriter().println(
                    "This input source requires a POST, not a GET. Incompatible UI for the InputStream source.");
            return;
        }
        // Decodes with the platform default charset.
        cookieValue = new String(buffer, 0, bytesRead);
    }
    if ("".equals(cookieValue)) {
        cookieValue = "No cookie value supplied";
    }

    // NOTE(review): the cookie value is whatever the client sent in the header, and HttpOnly is
    // never set on this cookie. Validate the value and call setHttpOnly(true) in real code.
    javax.servlet.http.Cookie cookie = new javax.servlet.http.Cookie("SomeCookie", cookieValue);
    cookie.setSecure(true);
    // Scope the cookie to this servlet's own request URI rather than the whole application.
    cookie.setPath(request.getRequestURI());
    response.addCookie(cookie);

    String encodedValue = org.owasp.esapi.ESAPI.encoder().encodeForHTML(cookieValue);
    response.getWriter().println("Created cookie: 'SomeCookie': with value: '" + encodedValue
            + "' and secure flag set to: true");
}
From source file:com.gopivotal.cloudfoundry.test.core.RuntimeUtils.java
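/**
 * Collects every header of the request into a map from header name to the list of its values.
 *
 * <p>The result is a {@link TreeMap}, so iteration follows the natural ordering of the header
 * names as reported by the container.
 *
 * <p>NOTE(review): nothing is filtered, so credential-bearing headers such as
 * {@code Authorization} and {@code Cookie} end up in the map when the client sends them. Callers
 * that log or echo the result should redact those entries.
 *
 * @param request the request to read headers from
 * @return a new mutable map of header name to values; empty when the container exposes no names
 */
public Map<String, List<String>> requestHeaders(HttpServletRequest request) {
    Map<String, List<String>> headers = new TreeMap<>();

    Enumeration<String> names = request.getHeaderNames();
    if (names == null) {
        // The servlet API allows a container to return null when it does not expose header names.
        return headers;
    }

    while (names.hasMoreElements()) {
        String name = names.nextElement();
        headers.put(name, getValuesAsList(request.getHeaders(name)));
    }
    return headers;
}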
From source file:org.owasp.benchmark.testcode.BenchmarkTest01187.java
/**
 * Copies the first value of the {@code BenchmarkTest01187} request header into a cookie named
 * {@code SomeCookie} and prints a confirmation line. The cookie is created with the Secure flag
 * switched off.
 *
 * <p>The header value is supplied by the client. It is URL-decoded and stored in the cookie
 * unchanged; only the copy written into the HTML response is passed through
 * {@code encodeForHTML}.
 *
 * @param request  the request whose header supplies the cookie value
 * @param response the response that receives the cookie and the confirmation text
 * @throws ServletException declared on the signature; nothing in the visible body throws it directly
 * @throws IOException if reading the input or writing the response fails
 */
@Override
public void doPost(HttpServletRequest request, HttpServletResponse response)
        throws ServletException, IOException {
    response.setContentType("text/html;charset=UTF-8");

    // Only the first value of a possibly repeated header is used.
    java.util.Enumeration<String> headerValues = request.getHeaders("BenchmarkTest01187");
    String param = "";
    if (headerValues != null && headerValues.hasMoreElements()) {
        param = headerValues.nextElement();
    }

    // getHeaders() hands back the raw value, so it is URL-decoded here explicitly.
    param = java.net.URLDecoder.decode(param, "UTF-8");

    // The result is not used anywhere in this method.
    String bar = new Test().doSomething(request, param);

    byte[] buffer = new byte[1000];
    String cookieValue = "?";
    Object inputParam = param;
    if (inputParam instanceof String) {
        cookieValue = (String) inputParam;
    }
    if (inputParam instanceof java.io.InputStream) {
        // Not reachable with a String source; kept because the block is written generically.
        int bytesRead = ((java.io.InputStream) inputParam).read(buffer);
        if (bytesRead == -1) {
            response.getWriter().println(
                    "This input source requires a POST, not a GET. Incompatible UI for the InputStream source.");
            return;
        }
        // Decodes with the platform default charset.
        cookieValue = new String(buffer, 0, bytesRead);
    }
    if ("".equals(cookieValue)) {
        cookieValue = "No cookie value supplied";
    }

    javax.servlet.http.Cookie cookie = new javax.servlet.http.Cookie("SomeCookie", cookieValue);
    // NOTE(review): with the Secure flag off the browser also sends this cookie over plain HTTP,
    // where it can be read in transit. Presumably this is the condition the Benchmark test case
    // is meant to exercise; code outside a test suite should use setSecure(true) and also call
    // setHttpOnly(true), which is never set here.
    cookie.setSecure(false);
    // Scope the cookie to this servlet's own request URI rather than the whole application.
    cookie.setPath(request.getRequestURI());
    response.addCookie(cookie);

    String encodedValue = org.owasp.esapi.ESAPI.encoder().encodeForHTML(cookieValue);
    response.getWriter().println("Created cookie: 'SomeCookie': with value: '" + encodedValue
            + "' and secure flag set to: false");
}
From source file:grails.plugin.cache.web.filter.AbstractFilter.java
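/**
 * Reports whether any value of the named request header contains {@code value} as a substring.
 *
 * <p>The comparison is a plain, case-sensitive substring test on each raw header value, so a
 * token also matches when it is embedded in a longer one. Callers that base a decision on the
 * result should keep that in mind, because the header is controlled by the client.
 *
 * @param request the request to inspect
 * @param header  the header name to look up
 * @param value   the text to search for inside each header value
 * @return {@code true} if at least one value contains {@code value}; {@code false} otherwise,
 *         including when the container exposes no values for the header
 */
protected boolean headerContains(final HttpServletRequest request, final String header,
        final String value) {
    // NOTE(review): logRequestHeaders is defined elsewhere. If it writes header values to the
    // log, confirm that Authorization and Cookie values are redacted.
    logRequestHeaders(request);

    final Enumeration<String> accepted = request.getHeaders(header);
    if (accepted == null) {
        // The servlet API allows a container to return null when it does not expose headers.
        return false;
    }
    while (accepted.hasMoreElements()) {
        if (accepted.nextElement().contains(value)) {
            return true;
        }
    }
    return false;
}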
From source file:com.threewks.thundr.bind.http.request.RequestHeaderBinder.java
/**
 * Builds a map from normalised header name to the values the request carries for that header.
 *
 * <p>Names are passed through {@code normaliseHeaderName} before being used as keys. If two
 * header names normalise to the same key, the one visited later replaces the earlier entry.
 *
 * @param req the request to read headers from
 * @return a new map; empty when the request exposes no header names
 */
@SuppressWarnings("unchecked")
private Map<String, String[]> createNormalisedHeaderMap(HttpServletRequest req) {
    Map<String, String[]> normalised = new HashMap<String, String[]>();

    Enumeration<String> names = req.getHeaderNames();
    if (names == null) {
        // No header names available from the container: nothing to bind.
        return normalised;
    }

    for (String headerName : Expressive.iterable(names)) {
        String[] valuesForHeader = headerValues(req.getHeaders(headerName));
        normalised.put(normaliseHeaderName(headerName), valuesForHeader);
    }
    return normalised;
}
From source file:org.springframework.security.oauth.provider.CoreOAuthProviderSupport.java
/**
 * Extracts the OAuth parameters carried in the request's {@code Authorization} header.
 *
 * <p>The first {@code Authorization} value whose scheme is {@code OAuth} (compared after
 * lower-casing) is used. Each name and value is oauth-decoded before being stored. This method
 * only parses: it does not check the signature, nonce or timestamp, so the returned values are
 * unauthenticated client input until a later step verifies them.
 *
 * @param request The request.
 * @return The parsed parameters, or null if no OAuth authorization header was supplied.
 * @throws IllegalStateException if a name or value cannot be oauth-decoded
 */
protected Map<String, String> parseHeaderParameters(HttpServletRequest request) {
    String oauthHeader = null;
    for (Enumeration<String> values = request.getHeaders("Authorization");
            oauthHeader == null && values.hasMoreElements();) {
        String candidate = values.nextElement();
        if (candidate.toLowerCase().startsWith("oauth ")) {
            oauthHeader = candidate;
        }
    }
    if (oauthHeader == null) {
        return null;
    }

    Map<String, String> parameters = new HashMap<String, String>();
    // Drop the six-character "OAuth " scheme prefix matched above.
    String credentials = oauthHeader.substring(6);

    // Split into name="value" pairs as laid out in OAuth Core 1.0, section 5.4.1.
    String[] pairs = StringSplitUtils.splitIgnoringQuotes(credentials, ',');
    for (Object rawEntry : StringSplitUtils.splitEachArrayElementAndCreateMap(pairs, "=", "\"")
            .entrySet()) {
        Map.Entry pair = (Map.Entry) rawEntry;
        try {
            String decodedName = oauthDecode((String) pair.getKey());
            String decodedValue = oauthDecode((String) pair.getValue());
            parameters.put(decodedName, decodedValue);
        } catch (DecoderException e) {
            throw new IllegalStateException(e);
        }
    }
    return parameters;
}
From source file:org.owasp.benchmark.testcode.BenchmarkTest01190.java
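/**
 * Hashes a value derived from the first {@code vector} request header with SHA-384, appends the
 * Base64-encoded digest to {@code passwordFile.txt} in the Benchmark test-file directory, and
 * prints a confirmation.
 *
 * <p>NOTE(review): the digest is a single unsalted SHA-384 pass. If the stored value stands for
 * a password, a dedicated password-hashing function (bcrypt, scrypt, Argon2) is the right tool,
 * not a bare digest.
 *
 * @param request  the request whose header supplies the value to hash
 * @param response the response that receives the confirmation text
 * @throws ServletException if the digest algorithm or the named provider is unavailable
 * @throws IOException if reading the input, writing the file or writing the response fails
 */
@Override
public void doPost(HttpServletRequest request, HttpServletResponse response)
        throws ServletException, IOException {
    response.setContentType("text/html");

    String param = "";
    java.util.Enumeration<String> headers = request.getHeaders("vector");
    // getHeaders may return null on containers that do not expose headers, so guard before use.
    if (headers != null && headers.hasMoreElements()) {
        param = headers.nextElement(); // just grab first element
    }

    String bar = new Test().doSomething(param);

    java.security.Provider[] provider = java.security.Security.getProviders();
    java.security.MessageDigest md;

    try {
        // Uses the first installed provider when more than one is registered, else "SUN".
        if (provider.length > 1) {
            md = java.security.MessageDigest.getInstance("sha-384", provider[0]);
        } else {
            md = java.security.MessageDigest.getInstance("sha-384", "SUN");
        }

        byte[] input = { (byte) '?' };
        Object inputParam = bar;
        if (inputParam instanceof String) {
            // getBytes() without a charset uses the platform default encoding.
            input = ((String) inputParam).getBytes();
        }
        if (inputParam instanceof java.io.InputStream) {
            byte[] strInput = new byte[1000];
            int i = ((java.io.InputStream) inputParam).read(strInput);
            if (i == -1) {
                response.getWriter().println(
                        "This input source requires a POST, not a GET. Incompatible UI for the InputStream source.");
                return;
            }
            input = java.util.Arrays.copyOf(strInput, i);
        }
        md.update(input);

        byte[] result = md.digest();
        java.io.File fileTarget = new java.io.File(
                new java.io.File(org.owasp.benchmark.helpers.Utils.testfileDir), "passwordFile.txt");
        // Second argument true: append to the file instead of truncating it.
        java.io.FileWriter fw = new java.io.FileWriter(fileTarget, true);
        try {
            fw.write("hash_value=" + org.owasp.esapi.ESAPI.encoder().encodeForBase64(result, true) + "\n");
        } finally {
            // Release the file handle even when the write fails.
            fw.close();
        }
        response.getWriter()
                .println("Sensitive value '"
                        + org.owasp.esapi.ESAPI.encoder().encodeForHTML(new String(input))
                        + "' hashed and stored<br/>");
    } catch (java.security.NoSuchAlgorithmException e) {
        System.out.println(
                "Problem executing hash - TestCase java.security.MessageDigest.getInstance(java.lang.String,java.security.Provider)");
        throw new ServletException(e);
    } catch (java.security.NoSuchProviderException e) {
        System.out.println(
                "Problem executing hash - TestCase java.security.MessageDigest.getInstance(java.lang.String,java.security.Provider)");
        throw new ServletException(e);
    }

    response.getWriter().println(
            "Hash Test java.security.MessageDigest.getInstance(java.lang.String,java.security.Provider) executed");
}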
From source file:org.owasp.benchmark.testcode.BenchmarkTest01202.java
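/**
 * Implements a "remember me" round trip: if the request carries the expected cookie with the
 * value stored in the session, the user is greeted; otherwise a fresh key is generated, stored
 * in the session and sent back as a Secure cookie.
 *
 * <p>The {@code BenchmarkTest01202} header is read and URL-decoded, but its value only feeds
 * {@code doSomething}, whose result is not used in the visible code.
 *
 * @param request  the request carrying the header, cookies and session
 * @param response the response that receives the cookie and the status text
 * @throws ServletException if the {@code SHA1PRNG} algorithm is unavailable
 * @throws IOException if writing the response fails
 */
@Override
public void doPost(HttpServletRequest request, HttpServletResponse response)
        throws ServletException, IOException {
    response.setContentType("text/html;charset=UTF-8");

    String param = "";
    java.util.Enumeration<String> headers = request.getHeaders("BenchmarkTest01202");
    if (headers != null && headers.hasMoreElements()) {
        param = headers.nextElement(); // just grab first element
    }

    // URL Decode the header value since req.getHeaders() doesn't. Unlike req.getParameters().
    param = java.net.URLDecoder.decode(param, "UTF-8");

    String bar = new Test().doSomething(request, param);

    try {
        double stuff = java.security.SecureRandom.getInstance("SHA1PRNG").nextGaussian();
        // Intended to trim a leading "0."; a Gaussian sample can be negative or have a magnitude
        // of 1 or more, in which case different characters are dropped.
        // NOTE(review): a key built from the decimal text of one double is an unusual token
        // format; real remember-me tokens are normally taken from SecureRandom.nextBytes with
        // at least 128 bits.
        String rememberMeKey = Double.toString(stuff).substring(2);

        String user = "SafeGayle";
        String fullClassName = this.getClass().getName();
        // Everything after "BenchmarkTest" in the simple class name, i.e. the test-case number.
        String testCaseNumber = fullClassName
                .substring(fullClassName.lastIndexOf('.') + 1 + "BenchmarkTest".length());
        user += testCaseNumber;

        String cookieName = "rememberMe" + testCaseNumber;

        boolean foundUser = false;
        javax.servlet.http.Cookie[] cookies = request.getCookies();
        if (cookies != null) {
            for (int i = 0; !foundUser && i < cookies.length; i++) {
                javax.servlet.http.Cookie cookie = cookies[i];
                if (cookieName.equals(cookie.getName())) {
                    // The cookie is accepted only when it matches the key kept in the session.
                    if (cookie.getValue().equals(request.getSession().getAttribute(cookieName))) {
                        foundUser = true;
                    }
                }
            }
        }

        if (foundUser) {
            response.getWriter().println("Welcome back: " + user + "<br/>");
        } else {
            javax.servlet.http.Cookie rememberMe = new javax.servlet.http.Cookie(cookieName, rememberMeKey);
            // Secure is set; HttpOnly is not set on this cookie.
            rememberMe.setSecure(true);
            // Scope the cookie to this servlet's own request URI.
            rememberMe.setPath(request.getRequestURI());
            request.getSession().setAttribute(cookieName, rememberMeKey);
            response.addCookie(rememberMe);
            response.getWriter().println(user + " has been remembered with cookie: "
                    + rememberMe.getName() + " whose value is: " + rememberMe.getValue() + "<br/>");
        }
    } catch (java.security.NoSuchAlgorithmException e) {
        System.out.println("Problem executing SecureRandom.nextGaussian() - TestCase");
        throw new ServletException(e);
    }

    response.getWriter().println("Weak Randomness Test java.security.SecureRandom.nextGaussian() executed");
}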
From source file:org.openrepose.commons.utils.test.mocks.util.MocksUtil.java
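/**
 * Copies the URI, path, method, query string, parameters, headers and the supplied body of a
 * servlet request into a {@code RequestInformation} object.
 *
 * <p>Every header value is copied verbatim, including any credential-bearing headers the client
 * sent, so the resulting object should be handled with the same care as the original request.
 *
 * @param request the servlet request to copy from
 * @param body    the request body to record; stored as given
 * @return a new {@code RequestInformation} describing the request
 * @throws IOException declared on the signature; nothing in the visible body throws it directly
 */
public static RequestInformation servletRequestToRequestInformation(HttpServletRequest request,
        String body) throws IOException {
    RequestInformation req = new RequestInformation();
    req.setUri(request.getRequestURL().toString());
    req.setPath(request.getRequestURI());
    req.setMethod(request.getMethod());
    req.setQueryString(request.getQueryString());
    req.setBody(body);

    if (!request.getParameterMap().isEmpty()) {
        QueryParameters q = new QueryParameters();
        Enumeration<String> queryParamNames = request.getParameterNames();
        while (queryParamNames.hasMoreElements()) {
            String name = queryParamNames.nextElement();
            // All values of one parameter are rendered as a single "[a, b]" string.
            String value = Arrays.toString(request.getParameterMap().get(name));
            NameValuePair nvp = new NameValuePair();
            nvp.setName(name);
            nvp.setValue(value);
            q.getParameter().add(nvp);
        }
        req.setQueryParams(q);
    }

    HeaderList h = new HeaderList();
    // The servlet API allows a container to return null for header names or values when it does
    // not expose them; treat that the same as "no headers".
    Enumeration<String> headerNames = request.getHeaderNames();
    while (headerNames != null && headerNames.hasMoreElements()) {
        String headerName = headerNames.nextElement();
        Enumeration<String> headerValues = request.getHeaders(headerName);
        while (headerValues != null && headerValues.hasMoreElements()) {
            // One NameValuePair per value, so a repeated header yields several entries.
            String headerValue = headerValues.nextElement();
            NameValuePair nvp = new NameValuePair();
            nvp.setName(headerName);
            nvp.setValue(headerValue);
            h.getHeader().add(nvp);
        }
    }
    req.setHeaders(h);
    return req;
}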