Details

    • Type: Language-Specification
    • Status: Active
    • Resolution: Unresolved
    • Labels:
    • Impact:
      Unknown 'null' severity
    • Likelihood:
      Unknown 'null' severity

      Description

      Sensitive Code Example

      Java Servlet framework:

      /**
       * Sensitive example: the response is readable from any origin.
       *
       * <p>{@code Access-Control-Allow-Origin: *} lets a page served from any origin read this
       * response body. It is paired here with {@code Access-Control-Allow-Credentials: true};
       * per the Fetch/CORS specification a credentialed request is rejected when the allowed
       * origin is the wildcard, so only the uncredentialed, world-readable behaviour results.
       */
      @Override
      protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
          resp.setHeader("Content-Type", "text/plain; charset=utf-8");
          resp.setHeader("Access-Control-Allow-Origin", "*"); // Sensitive
          resp.setHeader("Access-Control-Allow-Credentials", "true"); 
          resp.setHeader("Access-Control-Allow-Methods", "GET"); 
          resp.getWriter().write("response");
      }
      

      Spring MVC framework:
      CrossOrigin

      /**
       * Sensitive example: a class-level {@code @CrossOrigin} with no origins listed, which
       * Spring interprets as "allow every origin" for all handlers in this controller.
       */
      @CrossOrigin // Sensitive
      @RequestMapping("")
      public class TestController {
          // Adds a fixed message to the model and returns the view name "view".
          public String home(ModelMap model) {
              model.addAttribute("message", "ok ");
              return "view";
          }
      }
      

      cors.CorsConfiguration

      CorsConfiguration config = new CorsConfiguration();
      // Sensitive: "*" accepts every origin.
      config.addAllowedOrigin("*"); // Sensitive
      // Sensitive: fills every unset field with Spring's permissive defaults (origin "*" when
      // none was set, all request headers, GET/HEAD/POST), so an otherwise empty
      // configuration also ends up open to any origin.
      config.applyPermitDefaultValues(); // Sensitive
      

      servlet.config.annotation.CorsConfiguration

      /**
       * Sensitive example: a global CORS mapping that covers every path ({@code /**}) and
       * accepts every origin.
       */
      class Insecure implements WebMvcConfigurer {
        @Override
        public void addCorsMappings(CorsRegistry registry) {
          // "*" on a mapping that matches all paths opens the whole application to any origin.
          registry.addMapping("/**")
            .allowedOrigins("*"); // Sensitive
        }
      }
      

      Compliant Solution

      Java Servlet framework:

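      /**
       * Compliant example: cross-origin reads are restricted to one trusted origin.
       *
       * <p>The {@code Access-Control-Allow-Origin} value must be a full origin
       * ({@code scheme://host[:port]}). A bare host name such as {@code trustedwebsite.com}
       * never equals the browser's {@code Origin} header, so the browser would block the
       * response for the trusted site instead of allowing it; the scheme is therefore
       * included.
       *
       * @param req the incoming request (not used)
       * @param resp the response whose CORS headers and body are written
       * @throws ServletException per the servlet contract
       * @throws IOException if writing the response body fails
       */
      @Override
      protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
          resp.setHeader("Content-Type", "text/plain; charset=utf-8");
          resp.setHeader("Access-Control-Allow-Origin", "https://trustedwebsite.com"); // Compliant: one explicit origin
          resp.setHeader("Access-Control-Allow-Credentials", "true");
          resp.setHeader("Access-Control-Allow-Methods", "GET");
          resp.getWriter().write("response");
      }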
      

      Spring MVC framework:
      CrossOrigin

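      /**
       * Compliant example: only one explicit origin may call this controller cross-origin.
       *
       * <p>Spring compares each allowed origin with the request's {@code Origin} header as a
       * whole origin ({@code scheme://host[:port]}); a bare host name such as
       * {@code trustedwebsite.com} would never match and the trusted site would be rejected,
       * so the scheme is included.
       */
      @CrossOrigin("https://trustedwebsite.com") // Compliant
      @RequestMapping("")
      public class TestController {
          // Adds a fixed message to the model and returns the view name "view".
          public String home(ModelMap model) {
              model.addAttribute("message", "ok ");
              return "view";
          }
      }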
      

      cors.CorsConfiguration

      CorsConfiguration config = new CorsConfiguration();
      // Compliant: a single explicit origin (scheme + host) rather than "*".
      // NOTE(review): this origin is plain http; a page loaded over http from that host can
      // be altered by an on-path attacker, so prefer an https origin where the site offers one.
      config.addAllowedOrigin("http://domain2.com"); // Compliant
      

      servlet.config.annotation.CorsConfiguration

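      /**
       * Compliant example: the global CORS mapping covers every path but admits only one
       * explicit origin.
       *
       * <p>Allowed origins are matched against the {@code Origin} header as whole origins
       * ({@code scheme://host[:port]}); a bare host name such as {@code safe.com} never
       * matches and would reject the site it was meant to allow, so the scheme is included.
       */
      class Safe implements WebMvcConfigurer {
        @Override
        public void addCorsMappings(CorsRegistry registry) {
          registry.addMapping("/**")
            .allowedOrigins("https://safe.com"); // Compliant: one explicit origin
        }
      }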
      
