Changeset 410 for trunk/EventBenchConsole
- Timestamp:
- 04/03/12 10:24:49 (13 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/EventBenchConsole/src/de/ugoe/cs/eventbench/web/WeblogParser.java
r363 r410 297 297 String path = uri.getPath(); 298 298 List<String> getVars = extractGetVarsFromUri(uri); 299 299 300 300 WebEvent event = new WebEvent(url, path, timestamp, 301 301 postedVars, getVars); … … 446 446 * URI that is parsed 447 447 * @return a list with all GET variables 448 */ 449 private List<String> extractGetVarsFromUri(URI uri) { 448 * @throws URISyntaxException 449 * thrown if one of the variables seems to indicate that the 450 * request is a malicious attack on the web application 451 */ 452 private List<String> extractGetVarsFromUri(URI uri) 453 throws URISyntaxException { 450 454 List<String> getVars = new ArrayList<String>(); 451 455 String query = uri.getQuery(); … … 455 459 String[] paramSplit = paramPair.split("="); 456 460 if (!isBrokenVariable(paramSplit[0])) { 461 for (int i = 1; i < paramSplit.length; i++) { 462 checkForAttack(paramSplit[i]); 463 } 457 464 getVars.add(paramSplit[0]); 458 465 } … … 473 480 */ 474 481 private boolean isBrokenVariable(String var) { 475 // TODO improve filtering of broken variables476 482 return var.contains("and"); 477 483 } 484 485 /** 486 * <p> 487 * Checks if the variable name send with a request seems like an attack on the server. 488 * </p> 489 * @param value 490 * @throws URISyntaxException 491 */ 492 private void checkForAttack(String value) throws URISyntaxException { 493 if (value.contains("UNION+") || value.contains("SELECT+")) { 494 throw new URISyntaxException(value, "possible injection attack"); 495 } 496 } 478 497 }
Note: See TracChangeset
for help on using the changeset viewer.