Add OpenTaint + ZAP action and more controllers#6

Open

misonijnik wants to merge 1 commit intodemo/endpointsfrom

Member

misonijnik commented Mar 26, 2026

No description provided.


          Add OpenTaint + ZAP action and more controllers

ba5db0b

github-advanced-security bot found potential problems

View reviewed changes

src/main/java/org/seqra/demo/controller/TemplateController.java

Comment on lines +119 to +123

+                          return ResponseEntity.ok(Map.of(
+                              "template", template,
+                              "preview", preview != null ? preview.toString() : "",
+                              "sampleData", sampleData
+                          ));

Check failure

Code scanning / OpenTaint

Potential cross-site scripting (XSS) Error

Potential XSS: writing user input directly to a web page.

src/main/java/org/seqra/demo/controller/TemplateController.java

+                          sampleData.forEach(context::setVariable);
+                          Expression exp = parser.parseExpression(template);
+                          Object preview = exp.getValue(context);

Check failure

Code scanning / OpenTaint

Potential expression language injection Error

Potential code injection: calling Spring Expression Language method directly with user-supplied input may allow an adversary to read or modify sensitive data, bypass security checks, or, in severe cases, execute arbitrary code within the application's context.

src/main/java/org/seqra/demo/controller/TemplateController.java

Comment on lines +88 to +92

+                          return ResponseEntity.ok(Map.of(
+                              "expression", expr,
+                              "result", result != null ? result : 0,
+                              "success", true
+                          ));

Check failure

Code scanning / OpenTaint

Potential cross-site scripting (XSS) Error

Potential XSS: writing user input directly to a web page.

src/main/java/org/seqra/demo/controller/TemplateController.java

+                      try {
+                          Expression expression = parser.parseExpression(expr);
+                          Object result = expression.getValue();

Check failure

Code scanning / OpenTaint

Potential expression language injection Error

Potential code injection: calling Spring Expression Language method directly with user-supplied input may allow an adversary to read or modify sensitive data, bypass security checks, or, in severe cases, execute arbitrary code within the application's context.

src/main/java/org/seqra/demo/controller/TemplateController.java

Comment on lines +66 to +70

+                          return ResponseEntity.ok(Map.of(
+                              "template", template,
+                              "rendered", rendered != null ? rendered.toString() : "",
+                              "userName", userName
+                          ));

Check failure

Code scanning / OpenTaint

Potential cross-site scripting (XSS) Error

Potential XSS: writing user input directly to a web page.

src/main/java/org/seqra/demo/controller/RedirectController.java

+                          response.setHeader("X-Campaign", campaign);
+                      }
+                      response.sendRedirect(destination);

Check warning

Code scanning / OpenTaint + ZAP

Application redirects to user-manipulated URL which can be malicious Warning

Application redirects to a destination URL specified by a user-supplied parameter that is not validated. This could direct users to malicious locations. Consider using an allowlist to validate URLs.

src/main/java/org/seqra/demo/controller/RedirectController.java

+                      }
+                      if (campaign != null) {
+                          response.setHeader("X-Campaign", campaign);

Check warning

Code scanning / OpenTaint

HTTP response splitting Warning

Older Java application servers are vulnerable to HTTP response splitting, which may occur if an HTTP request can be injected with CRLF characters.

src/main/java/org/seqra/demo/controller/RedirectController.java

+                          HttpServletResponse response) throws IOException {
+                      if (trackingId != null) {
+                          response.setHeader("X-Tracking-ID", trackingId);

Check warning

Code scanning / OpenTaint

HTTP response splitting Warning

Older Java application servers are vulnerable to HTTP response splitting, which may occur if an HTTP request can be injected with CRLF characters.

src/main/java/org/seqra/demo/controller/RedirectController.java

+                          response.setHeader("X-Custom-Header", headerValue);
+                      }
+                      response.setHeader("Location", url);

Check warning

Code scanning / OpenTaint

HTTP response splitting Warning

Older Java application servers are vulnerable to HTTP response splitting, which may occur if an HTTP request can be injected with CRLF characters.

src/main/java/org/seqra/demo/controller/RedirectController.java

+                          HttpServletResponse response) throws IOException {
+                      if (headerValue != null && !headerValue.isEmpty()) {
+                          response.setHeader("X-Custom-Header", headerValue);

Check warning

Code scanning / OpenTaint

HTTP response splitting Warning

Older Java application servers are vulnerable to HTTP response splitting, which may occur if an HTTP request can be injected with CRLF characters.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet