Page redirection (SECURITY.IBA.VRD)
Posted by Bruce Tsai
forward
// Severity: 1
// Rule ID: (SECURITY.IBA.VRD)
// Message: No validation check in forward URL
request.getRequestDispatcher(path).forward(request, response);
redirect
// Severity: 1
// Rule ID: (SECURITY.IBA.VRD)
// Message: No validation check in redirect URL
response.sendRedirect(path);
How to handle it
- Add a class that extends HttpServletRequestWrapper
- Add a method on that class that performs the forward
- Use the new method for the forward instead of calling the dispatcher directly
import javax.servlet.RequestDispatcher;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;

public class ValidatedRequest extends HttpServletRequestWrapper {
    /**
     * Constructs a request object wrapping the given request.
     *
     * @param request the request to wrap
     * @throws IllegalArgumentException if the request is null
     */
    public ValidatedRequest(HttpServletRequest request) {
        super(request);
    }

    /** Obtains the dispatcher for the given path; the forward is routed through here. */
    public RequestDispatcher requestDispatcher(String path) {
        return getRequestDispatcher(path);
    }
}
new ValidatedRequest(request).requestDispatcher(path).forward(request, response);
- Add a class that extends HttpServletResponseWrapper
- Add a method on that class that performs the redirect
- Use the new method for the redirect instead of calling sendRedirect directly
import java.io.IOException;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpServletResponseWrapper;

public class ValidatedResponse extends HttpServletResponseWrapper {
    /**
     * Constructs a response adaptor wrapping the given response.
     *
     * @param response the response to wrap
     * @throws IllegalArgumentException if the response is null
     */
    public ValidatedResponse(HttpServletResponse response) {
        super(response);
    }

    /** Issues the redirect to the given location; the redirect is routed through here. */
    public void redirect(String location) throws IOException {
        sendRedirect(location);
    }
}
new ValidatedResponse(response).redirect(path);
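The two wrappers above route every forward and redirect through one method, which is where a real check belongs: the rule message is "No validation check in forward/redirect URL", and a wrapper that merely passes the path through leaves an attacker-controlled target just as open as before. The following is an added example, not code from the post, showing both wrappers with an allowlist check inside them. The class name SafeNavigation, the helper validateTarget, and the allowlist entries are assumptions chosen for illustration; Set.of requires Java 9 or later.

```java
import java.io.IOException;
import java.net.URI;
import java.net.URISyntaxException;
import java.util.Set;
import javax.servlet.RequestDispatcher;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpServletResponseWrapper;

/** Wrappers that validate the target before forwarding or redirecting (added example, not the post's code). */
public final class SafeNavigation {

    // Constructed allowlist of in-application pages; replace with the destinations your app really has.
    private static final Set<String> ALLOWED_PATHS = Set.of("/home", "/login", "/account/profile");

    /**
     * Returns the target if it is an absolute, same-site path on the allowlist; otherwise throws.
     * Only the path component is returned, so a query string or fragment cannot carry a
     * different destination through the check.
     */
    static String validateTarget(String target) {
        if (target == null || target.isEmpty()) {
            throw new IllegalArgumentException("navigation target is empty");
        }
        // "//host/..." is protocol-relative and would leave the site; some browsers treat
        // a backslash like "/", so reject both forms before parsing.
        if (!target.startsWith("/") || target.startsWith("//") || target.contains("\\")) {
            throw new IllegalArgumentException("navigation target must be a site-local path");
        }
        URI uri;
        try {
            uri = new URI(target);
        } catch (URISyntaxException e) {
            throw new IllegalArgumentException("navigation target is not a valid URI", e);
        }
        if (uri.getScheme() != null || uri.getAuthority() != null) {
            throw new IllegalArgumentException("navigation target must not name a scheme or host");
        }
        // Collapse "." and ".." segments, then compare the decoded path against the allowlist.
        String path = uri.normalize().getPath();
        if (path == null || !ALLOWED_PATHS.contains(path)) {
            throw new IllegalArgumentException("navigation target is not an allowed page");
        }
        return path;
    }

    public static final class ValidatedRequest extends HttpServletRequestWrapper {
        public ValidatedRequest(HttpServletRequest request) {
            super(request);
        }

        /** Validates the path, then obtains the container's dispatcher for it. */
        public RequestDispatcher requestDispatcher(String path) {
            return getRequestDispatcher(validateTarget(path));
        }
    }

    public static final class ValidatedResponse extends HttpServletResponseWrapper {
        public ValidatedResponse(HttpServletResponse response) {
            super(response);
        }

        /** Validates the location, then issues the redirect. */
        public void redirect(String location) throws IOException {
            sendRedirect(validateTarget(location));
        }
    }

    // Call sites look the same as in the post. A rejected target raises IllegalArgumentException,
    // which the caller should turn into an HTTP 400 or a fixed default page rather than let it propagate.
    static void forwardTo(HttpServletRequest request, HttpServletResponse response, String path)
            throws ServletException, IOException {
        new ValidatedRequest(request).requestDispatcher(path).forward(request, response);
    }

    static void redirectTo(HttpServletResponse response, String location) throws IOException {
        new ValidatedResponse(response).redirect(location);
    }
}
```

The check is fail-closed: "/account/../home" normalizes to "/home" and passes, while "//evil.example/home", "https://evil.example/", "/account/%2e%2e/home" and "/admin" are all rejected because the normalized, decoded path is not in the allowlist. If the application must redirect to an arbitrary relative path, the allowlist can be replaced with a prefix or pattern check, but the scheme, authority and backslash rejections should stay, since those are the forms that turn a redirect into an open redirect.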