apunkt/nyx
1
0
Fork 0
mirror of https://github.com/elicpeter/nyx.git synced 2026-06-09 19:45:13 +02:00
Code Issues Projects Releases Packages Wiki Activity
nyx/tests/fixtures/header_injection/java/UnsafeSetHeader.java
Eli Peter 7d0e7320e2
new capacity bits (#67)
2026-05-07 01:29:31 -04:00

11 lines
434 B
Java
Raw Permalink Blame History

// Unsafe: HttpServletResponse.setHeader receives a value built from a
// request parameter. HEADER_INJECTION fires on the value argument.
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
public class UnsafeSetHeader {
public void handle(HttpServletRequest req, HttpServletResponse res) {
String lang = req.getParameter("lang");
res.setHeader("X-Lang", lang);
}
}
Reference in a new issue View git blame Copy permalink