apunkt/nyx
1
0
Fork 0
mirror of https://github.com/elicpeter/nyx.git synced 2026-06-09 19:45:13 +02:00
Code Issues Projects Releases Packages Wiki Activity
nyx/tests/dynamic_fixtures/header_injection/java/Benign.java
Eli Peter 991c84a1eb
Dynamic (#77)
2026-06-05 10:16:30 -05:00

16 lines
629 B
Java
Raw Permalink Blame History

// Phase 08 (Track J.6) — Java HEADER_INJECTION benign control fixture.
//
// Same shape as `Vuln.java` but URL-encodes the value via
// `URLEncoder.encode` (the OWASP-recommended defence), so any CRLF
// bytes in the value land as `%0D%0A` and the wire keeps a single
// header.
import java.net.URLEncoder;
import java.nio.charset.StandardCharsets;
import javax.servlet.http.HttpServletResponse;
public class Benign {
public static void run(HttpServletResponse response, String value) {
String encoded = URLEncoder.encode(value, StandardCharsets.UTF_8);
response.setHeader("Set-Cookie", encoded);
}
}
Reference in a new issue View git blame Copy permalink