Fixing Unvalidated Redirects and Forwards in JAVA

Posted on March 22, 2014

Note: This post is part of our series on “How to Fix Unvalidated Redirects and Forwards”. The series contains examples of how to fix unvalidated redirects and forwards in various programming languages.

The following code prevents unvalidated redirects and forwards in Java by redirecting to a fixed, server-controlled URL rather than to a value taken from the request:

<%
	// The target is a constant chosen by the application, not a request parameter,
	// so an attacker cannot steer the user to an arbitrary site.
	String redirectURL = "http://www.example.com/";
	response.sendRedirect(redirectURL);
	return;
%>
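A hard-coded target is the simplest fix, but many applications need a "return to" parameter. The following is an added example, not code from the original post: it accepts a user-supplied target only when it is a site-relative path or an https URL to a host on an allow-list, and otherwise falls back to a fixed default. The host names and the default path are assumptions for illustration.

```java
import java.net.URI;
import java.net.URISyntaxException;
import java.util.Set;

// Added example: resolve a user-supplied redirect target against an allow-list.
// ALLOWED_HOSTS and DEFAULT_TARGET are constructed values for this illustration.
public final class SafeRedirect {
    private static final String DEFAULT_TARGET = "/home";
    private static final Set<String> ALLOWED_HOSTS = Set.of("www.example.com", "example.com");

    private SafeRedirect() {}

    /** Returns a target that is safe to pass to HttpServletResponse.sendRedirect(). */
    public static String resolve(String requested) {
        if (requested == null || requested.isEmpty()) {
            return DEFAULT_TARGET;
        }
        URI uri;
        try {
            uri = new URI(requested);
        } catch (URISyntaxException e) {
            return DEFAULT_TARGET; // unparseable input (including backslashes) is never followed
        }
        // Site-relative path: no scheme, no authority, and not scheme-relative ("//host/...").
        if (uri.getScheme() == null && uri.getRawAuthority() == null
                && requested.startsWith("/") && !requested.startsWith("//")) {
            return requested;
        }
        // Absolute URL: only https, and only to a host we explicitly allow.
        // getHost() ignores any "user@" prefix, so "https://www.example.com@other/" is rejected.
        if ("https".equalsIgnoreCase(uri.getScheme()) && uri.getHost() != null
                && ALLOWED_HOSTS.contains(uri.getHost().toLowerCase())) {
            return requested;
        }
        return DEFAULT_TARGET;
    }

    // Constructed inputs showing which targets are accepted and which fall back to the default.
    public static void main(String[] args) {
        String[] samples = {
            "/account/settings",
            "//other.example/landing",
            "https://www.example.com/welcome",
            "https://www.example.com@other.example/",
            "javascript:void(0)",
            null
        };
        for (String s : samples) {
            System.out.println(s + " -> " + resolve(s));
        }
    }
}
```

In a servlet the call becomes response.sendRedirect(SafeRedirect.resolve(request.getParameter("next"))). The check is deliberately strict: a target that is neither a path starting with a single slash nor an https URL to an allow-listed host is replaced, not repaired.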

Fixing Insecure Cryptographic Storage in Java

Posted on May 1, 2012

Note: This post is part of our series on “How to Fix Insecure Cryptographic Storage”. The series contains examples of how to implement secure cryptography in various programming languages.

As shown below, sensitive values such as passwords can be protected by hashing them together with a salt rather than storing them in the clear.

import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;

public class PasswordHash {
    // Returns SHA-256(salt || password). The salt must be random and unique per password
    // and stored alongside the hash so the value can be recomputed at login.
    public byte[] getHash(String password, byte[] salt) throws NoSuchAlgorithmException {
        MessageDigest digest = MessageDigest.getInstance("SHA-256");
        digest.reset();
        digest.update(salt);
        return digest.digest(password.getBytes(StandardCharsets.UTF_8));
    }
}

Fixing SQL Injection in Hibernate

Posted on May 1, 2012

Note: This post is part of our series on “How to Fix SQL Injection Vulnerabilities”. The series contains examples of how to fix SQL injection vulnerabilities in various programming languages.

An SQL injection attack is a code injection attack in which input from an attacker reaches one of your databases without any filtering or validation. As a result, a malicious user can execute read, write, delete or update queries against your database and, depending on the database configuration, run system-level commands as well. The following example shows how SQL injection can be prevented in Hibernate.

// The :verification placeholder is bound to the value by the query API;
// the value is never spliced into the HQL text.
Subscription sub = (Subscription) sessionFactory.getCurrentSession()
    .createQuery("from Subscription sub where sub.verification = :verification")
    .setString("verification", verification)
    .uniqueResult();
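The following DAO is an added example, not code from the original post. It places the string-concatenated HQL that makes a query injectable next to the bound-parameter form, using the typed Hibernate 5.2+ API (createQuery with an entity class and setParameter) rather than the older setString shown above, and shows that a native SQL query through Hibernate takes parameters the same way. The Subscription entity, its verification and status fields, and the subscription table are assumptions.

```java
import java.util.List;
import org.hibernate.SessionFactory;

// Added example: the same lookup written unsafely and safely with Hibernate.
// Subscription is an assumed @Entity with String fields "verification" and "status".
public class SubscriptionDao {
    private final SessionFactory sessionFactory;

    public SubscriptionDao(SessionFactory sessionFactory) {
        this.sessionFactory = sessionFactory;
    }

    // UNSAFE: the value becomes part of the HQL text, so a quote character in the
    // input ends the string literal and whatever follows is parsed as HQL.
    public Subscription findUnsafe(String verification) {
        String hql = "from Subscription s where s.verification = '" + verification + "'";
        return sessionFactory.getCurrentSession()
                .createQuery(hql, Subscription.class)
                .uniqueResult();
    }

    // SAFE: the value is bound to a named parameter and sent separately from the query text.
    public Subscription findSafe(String verification) {
        return sessionFactory.getCurrentSession()
                .createQuery("from Subscription s where s.verification = :verification", Subscription.class)
                .setParameter("verification", verification)
                .uniqueResult();
    }

    // Native SQL issued through Hibernate is not protected by the ORM; bind parameters there too.
    public List<Subscription> findByStatus(String status) {
        return sessionFactory.getCurrentSession()
                .createNativeQuery("select * from subscription where status = :status", Subscription.class)
                .setParameter("status", status)
                .getResultList();
    }
}
```

Code review and static analysis should treat any createQuery or createNativeQuery argument built with + or String.format from request data as a finding, even when the concatenated value "looks" numeric.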

Fixing Cross-site Scripting in Spring MVC

Posted on May 1, 2012

In Spring MVC, the form tag library is used to build JSP pages. Spring MVC provides several ways to enable HTML escaping of output on the server side.

Add the following context parameter to web.xml to enable escaping globally for all Spring tags:

        <context-param>
            <param-name>defaultHtmlEscape</param-name>
            <param-value>true</param-value>
        </context-param>

At page level, the same setting is declared with a tag at the top of the JSP:

<spring:htmlEscape defaultHtmlEscape="true" />

Fixing Cross-site Scripting in Java

Posted on May 1, 2012

Use the JSTL c:out tag when a value is echoed into page content:

<%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c" %>
<p>Welcome <c:out value="${user.name}" /></p>

Use fn:escapeXml when user input is placed back into an attribute value:

<%@ taglib uri="http://java.sun.com/jsp/jstl/functions" prefix="fn" %>
<input name="username" value="${fn:escapeXml(param.username)}">

Fixing SQL Injection in Java and MS SQL

Posted on May 26, 2011

Note: This post is part of our series on “How to Fix SQL Injection Vulnerabilities”. The series contains examples of how to fix SQL injection vulnerabilities in various programming languages.

An SQL injection attack is a code injection attack in which input from an attacker reaches one of your databases without any filtering or validation. As a result, a malicious user can execute read, write, delete or update queries against your database and, depending on the database configuration, run system-level commands as well. The following example shows how SQL injection can be prevented in Java.

Parameterized query

// The ? placeholder is filled by setString; the JDBC driver sends the value
// separately from the SQL text, so it can never be parsed as SQL.
String selectStatement = "SELECT * FROM User WHERE userId = ? ";
PreparedStatement prepStmt = con.prepareStatement(selectStatement);
prepStmt.setString(1, userId);
ResultSet rs = prepStmt.executeQuery();
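A ? placeholder can only stand for a value, not for a table or column name or the number of items in an IN list, and a bound LIKE pattern still interprets wildcards in the user's text. The repository below is an added example, not code from the original post, showing how to keep PreparedStatement in charge in those three cases against SQL Server: an IN list built from one placeholder per value, a sort column chosen from a fixed allow-list, and a prefix search whose wildcards (including SQL Server's bracket character class) are escaped. The table and column names are assumptions; the connection is supplied by the caller.

```java
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.ArrayList;
import java.util.Collections;
import java.util.List;
import java.util.Set;

// Added example: parameterized JDBC against SQL Server, including the parts of a
// statement that cannot be bound with ?. Table [User] and its columns are assumed;
// the brackets are needed because USER is a reserved word in T-SQL.
public final class UserRepository {
    // Only identifiers written here may reach the SQL text; user input merely selects one of them.
    private static final Set<String> SORTABLE = Set.of("userId", "lastLogin", "displayName");
    private final Connection con;

    public UserRepository(Connection con) {
        this.con = con;
    }

    /** Several ids: one ? per value, never the values joined into the string. */
    public List<String> findDisplayNames(List<String> userIds, String sortBy) throws SQLException {
        if (userIds.isEmpty()) {
            return List.of();
        }
        if (!SORTABLE.contains(sortBy)) {
            throw new IllegalArgumentException("unsupported sort column"); // reject, do not sanitize
        }
        String placeholders = String.join(",", Collections.nCopies(userIds.size(), "?"));
        String sql = "SELECT displayName FROM [User] WHERE userId IN (" + placeholders + ")"
                + " ORDER BY " + sortBy; // sortBy is one of our own constants at this point
        List<String> names = new ArrayList<>();
        try (PreparedStatement ps = con.prepareStatement(sql)) {
            for (int i = 0; i < userIds.size(); i++) {
                ps.setString(i + 1, userIds.get(i));
            }
            try (ResultSet rs = ps.executeQuery()) {
                while (rs.next()) {
                    names.add(rs.getString(1));
                }
            }
        }
        return names;
    }

    /** Prefix search: bind the pattern, and escape LIKE wildcards that appear in the user's text. */
    public List<String> searchDisplayName(String prefix) throws SQLException {
        // Backslash is declared as the escape character below. On SQL Server '[' also opens a
        // character class inside LIKE, so it is escaped alongside % and _.
        String escaped = prefix.replace("\\", "\\\\")
                .replace("%", "\\%")
                .replace("_", "\\_")
                .replace("[", "\\[");
        String sql = "SELECT displayName FROM [User] WHERE displayName LIKE ? ESCAPE '\\'";
        List<String> names = new ArrayList<>();
        try (PreparedStatement ps = con.prepareStatement(sql)) {
            ps.setString(1, escaped + "%"); // the only wildcard is the one we append ourselves
            try (ResultSet rs = ps.executeQuery()) {
                while (rs.next()) {
                    names.add(rs.getString(1));
                }
            }
        }
        return names;
    }
}
```

The pattern to look for in review is the same in every method: anything that originates in a request is either bound with setXxx or compared against a closed set of constants, and no request value is ever concatenated into the string handed to prepareStatement.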