dubey/WebGoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix line endings

Browse Source 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@228 4033779f-a91e-0410-96ef-6bf7bf53c507
This commit is contained in:
rogan.dawes 2008-01-10 10:09:41 +00:00
parent 5457faf9a3
commit 427832411c
1 changed files with 153 additions and 153 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

306
webgoat/main/project/JavaSource/org/owasp/webgoat/util/Interceptor.java
View File

@ -1,153 +1,153 @@
/** /**
* *
*/ */
package org.owasp.webgoat.util; package org.owasp.webgoat.util;
import java.io.IOException; import java.io.IOException;
import java.io.BufferedReader; import java.io.BufferedReader;
import java.io.PrintWriter; import java.io.PrintWriter;
import java.io.InputStreamReader; import java.io.InputStreamReader;
import java.net.UnknownHostException; import java.net.UnknownHostException;
import java.net.Socket; import java.net.Socket;
import javax.servlet.Filter; import javax.servlet.Filter;
import javax.servlet.FilterChain; import javax.servlet.FilterChain;
import javax.servlet.FilterConfig; import javax.servlet.FilterConfig;
import javax.servlet.ServletException; import javax.servlet.ServletException;
import javax.servlet.ServletRequest; import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse; import javax.servlet.ServletResponse;
import javax.servlet.RequestDispatcher; import javax.servlet.RequestDispatcher;
import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletRequest;
/******************************************************************************* /*******************************************************************************
* *
* *
* This file is part of WebGoat, an Open Web Application Security Project * This file is part of WebGoat, an Open Web Application Security Project
* utility. For details, please see http://www.owasp.org/ * utility. For details, please see http://www.owasp.org/
* *
* Copyright (c) 2002 - 2007 Bruce Mayhew * Copyright (c) 2002 - 2007 Bruce Mayhew
* *
* This program is free software; you can redistribute it and/or modify it under * This program is free software; you can redistribute it and/or modify it under
* the terms of the GNU General Public License as published by the Free Software * the terms of the GNU General Public License as published by the Free Software
* Foundation; either version 2 of the License, or (at your option) any later * Foundation; either version 2 of the License, or (at your option) any later
* version. * version.
* *
* This program is distributed in the hope that it will be useful, but WITHOUT * This program is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
* FOR A PARTICULAR PURPOSE. See the GNU General Public License for more * FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
* details. * details.
* *
* You should have received a copy of the GNU General Public License along with * You should have received a copy of the GNU General Public License along with
* this program; if not, write to the Free Software Foundation, Inc., 59 Temple * this program; if not, write to the Free Software Foundation, Inc., 59 Temple
* Place - Suite 330, Boston, MA 02111-1307, USA. * Place - Suite 330, Boston, MA 02111-1307, USA.
* *
* Getting Source ============== * Getting Source ==============
* *
* Source for this application is maintained at code.google.com, a repository * Source for this application is maintained at code.google.com, a repository
* for free software projects. * for free software projects.
* *
* For details, please see http://code.google.com/p/webgoat/ * For details, please see http://code.google.com/p/webgoat/
* *
* @author sherif koussa - Macadamian Technologies * @author sherif koussa - Macadamian Technologies
* *
*/ */
public class Interceptor implements Filter public class Interceptor implements Filter
{ {
private static final String OSG_SERVER_NAME = "OSGServerName"; private static final String OSG_SERVER_NAME = "OSGServerName";
private static final String OSG_SERVER_PORT = "OSGServerPort"; private static final String OSG_SERVER_PORT = "OSGServerPort";
/* (non-Javadoc) /* (non-Javadoc)
* @see javax.servlet.Filter#destroy() * @see javax.servlet.Filter#destroy()
*/ */
public void destroy() public void destroy()
{ {
// TODO Auto-generated method stub // TODO Auto-generated method stub
} }
public void doFilter(ServletRequest request, ServletResponse response, public void doFilter(ServletRequest request, ServletResponse response,
FilterChain chain) throws IOException, ServletException FilterChain chain) throws IOException, ServletException
{ {
HttpServletRequest req = (HttpServletRequest) request; HttpServletRequest req = (HttpServletRequest) request;
Socket osgSocket = null; Socket osgSocket = null;
PrintWriter out = null; PrintWriter out = null;
BufferedReader in = null; BufferedReader in = null;
String osgServerName = req.getSession().getServletContext() String osgServerName = req.getSession().getServletContext()
.getInitParameter(OSG_SERVER_NAME); .getInitParameter(OSG_SERVER_NAME);
String osgServerPort = req.getSession().getServletContext() String osgServerPort = req.getSession().getServletContext()
.getInitParameter(OSG_SERVER_PORT); .getInitParameter(OSG_SERVER_PORT);
try try
{ {
//If these parameters are not defined then no communication will happen with OSG //If these parameters are not defined then no communication will happen with OSG
if (osgServerName != null && osgServerName.length() != 0 if (osgServerName != null && osgServerName.length() != 0
&& osgServerPort != null && osgServerPort.length() != 0) && osgServerPort != null && osgServerPort.length() != 0)
{ {
osgSocket = new Socket(osgServerName, Integer osgSocket = new Socket(osgServerName, Integer
.parseInt(osgServerPort)); .parseInt(osgServerPort));
if (osgSocket != null) if (osgSocket != null)
{ {
out = new PrintWriter(osgSocket.getOutputStream(), true); out = new PrintWriter(osgSocket.getOutputStream(), true);
in = new BufferedReader(new InputStreamReader(osgSocket in = new BufferedReader(new InputStreamReader(osgSocket
.getInputStream())); .getInputStream()));
//String message = "HTTPRECEIVEHTTPREQUEST,-,DataValidation_SqlInjection_Basic.aspx"; //String message = "HTTPRECEIVEHTTPREQUEST,-,DataValidation_SqlInjection_Basic.aspx";
//out.println(message); //out.println(message);
//System.out.println(in.readLine()); //System.out.println(in.readLine());
} }
} }
} }
catch (UnknownHostException e) catch (UnknownHostException e)
{ {
e.printStackTrace(); e.printStackTrace();
} }
catch (IOException e) catch (IOException e)
{ {
e.printStackTrace(); e.printStackTrace();
} }
finally finally
{ {
if (out != null) if (out != null)
{ {
out.close(); out.close();
} }
if (in != null) if (in != null)
{ {
in.close(); in.close();
} }
if (osgSocket != null) if (osgSocket != null)
{ {
osgSocket.close(); osgSocket.close();
} }
} }
String url = req.getRequestURL().toString(); String url = req.getRequestURL().toString();
RequestDispatcher disp = req.getRequestDispatcher(url.substring(url RequestDispatcher disp = req.getRequestDispatcher(url.substring(url
.lastIndexOf("WebGoat/") .lastIndexOf("WebGoat/")
+ "WebGoat".length())); + "WebGoat".length()));
disp.forward(request, response); disp.forward(request, response);
} }
/* (non-Javadoc) /* (non-Javadoc)
* @see javax.servlet.Filter#init(javax.servlet.FilterConfig) * @see javax.servlet.Filter#init(javax.servlet.FilterConfig)
*/ */
public void init(FilterConfig arg0) throws ServletException public void init(FilterConfig arg0) throws ServletException
{ {
// TODO Auto-generated method stub // TODO Auto-generated method stub
} }
} }