OWASP-Benchmark
diff --git a/‎src/main/java/org/owasp/benchmark/testcode/BenchmarkTest00001.java
Lines changed: 74 additions & 65 deletions b/‎src/main/java/org/owasp/benchmark/testcode/BenchmarkTest00001.java
Lines changed: 74 additions & 65 deletions
diff --git a/‎src/main/java/org/owasp/benchmark/testcode/BenchmarkTest00001.xml
Lines changed: 5 additions & 5 deletions b/‎src/main/java/org/owasp/benchmark/testcode/BenchmarkTest00001.xml
Lines changed: 5 additions & 5 deletions
diff --git a/‎src/main/java/org/owasp/benchmark/testcode/BenchmarkTest00002.java
Lines changed: 74 additions & 74 deletions b/‎src/main/java/org/owasp/benchmark/testcode/BenchmarkTest00002.java
Lines changed: 74 additions & 74 deletions
diff --git a/‎src/main/java/org/owasp/benchmark/testcode/BenchmarkTest00002.xml
Lines changed: 5 additions & 5 deletions b/‎src/main/java/org/owasp/benchmark/testcode/BenchmarkTest00002.xml
Lines changed: 5 additions & 5 deletions
@@ -1,86 +1,96 @@
 /**
-* OWASP Benchmark v1.2
-*
-* This file is part of the Open Web Application Security Project (OWASP)
-* Benchmark Project. For details, please see
-* <a href="https://owasp.org/www-project-benchmark/">https://owasp.org/www-project-benchmark/</a>.
-*
-* The OWASP Benchmark is free software: you can redistribute it and/or modify it under the terms
-* of the GNU General Public License as published by the Free Software Foundation, version 2.
-*
-* The OWASP Benchmark is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without
-* even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-* GNU General Public License for more details.
-*
-* @author Dave Wichers
-* @created 2015
-*/
-
+ * OWASP Benchmark v1.2
+ *
+ * <p>This file is part of the Open Web Application Security Project (OWASP) Benchmark Project. For
+ * details, please see <a
+ * href="https://owasp.org/www-project-benchmark/">https://owasp.org/www-project-benchmark/</a>.
+ *
+ * <p>The OWASP Benchmark is free software: you can redistribute it and/or modify it under the terms
+ * of the GNU General Public License as published by the Free Software Foundation, version 2.
+ *
+ * <p>The OWASP Benchmark is distributed in the hope that it will be useful, but WITHOUT ANY
+ * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
+ * PURPOSE. See the GNU General Public License for more details.
+ *
+ * @author Dave Wichers
+ * @created 2015
+ */
 package org.owasp.benchmark.testcode;
 
 import java.io.IOException;
-
 import javax.servlet.ServletException;
 import javax.servlet.annotation.WebServlet;
 import javax.servlet.http.HttpServlet;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
-@WebServlet(value="/pathtraver-00/BenchmarkTest00001")
+@WebServlet(value = "/pathtraver-00/BenchmarkTest00001")
 public class BenchmarkTest00001 extends HttpServlet {
-	
-	private static final long serialVersionUID = 1L;
-	
-	@Override
-	public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
-		response.setContentType("text/html;charset=UTF-8");
-		javax.servlet.http.Cookie userCookie = new javax.servlet.http.Cookie("BenchmarkTest00001", "FileName");
-		userCookie.setMaxAge(60*3); //Store cookie for 3 minutes
-		userCookie.setSecure(true);
-		userCookie.setPath(request.getRequestURI());
-		userCookie.setDomain(new java.net.URL(request.getRequestURL().toString()).getHost());
-		response.addCookie(userCookie);
-		javax.servlet.RequestDispatcher rd = request.getRequestDispatcher("/pathtraver-00/BenchmarkTest00001.html");
-		rd.include(request, response);
-	}
 
-	@Override
-	public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
-		// some code
-		response.setContentType("text/html;charset=UTF-8");
-		
+    private static final long serialVersionUID = 1L;
+
+    @Override
+    public void doGet(HttpServletRequest request, HttpServletResponse response)
+            throws ServletException, IOException {
+        response.setContentType("text/html;charset=UTF-8");
+        javax.servlet.http.Cookie userCookie =
+                new javax.servlet.http.Cookie("BenchmarkTest00001", "FileName");
+        userCookie.setMaxAge(60 * 3); // Store cookie for 3 minutes
+        userCookie.setSecure(true);
+        userCookie.setPath(request.getRequestURI());
+        userCookie.setDomain(new java.net.URL(request.getRequestURL().toString()).getHost());
+        response.addCookie(userCookie);
+        javax.servlet.RequestDispatcher rd =
+                request.getRequestDispatcher("/pathtraver-00/BenchmarkTest00001.html");
+        rd.include(request, response);
+    }
+
+    @Override
+    public void doPost(HttpServletRequest request, HttpServletResponse response)
+            throws ServletException, IOException {
+        // some code
+        response.setContentType("text/html;charset=UTF-8");
 
-		javax.servlet.http.Cookie[] theCookies = request.getCookies();
-		
-		String param = "noCookieValueSupplied";
-		if (theCookies != null) {
-			for (javax.servlet.http.Cookie theCookie : theCookies) {
-				if (theCookie.getName().equals("BenchmarkTest00001")) {
-					param = java.net.URLDecoder.decode(theCookie.getValue(), "UTF-8");
-					break;
-				}
-			}
-		}
+        javax.servlet.http.Cookie[] theCookies = request.getCookies();
+
+        String param = "noCookieValueSupplied";
+        if (theCookies != null) {
+            for (javax.servlet.http.Cookie theCookie : theCookies) {
+                if (theCookie.getName().equals("BenchmarkTest00001")) {
+                    param = java.net.URLDecoder.decode(theCookie.getValue(), "UTF-8");
+                    break;
+                }
+            }
+        }
 
-		
         String fileName = null;
         java.io.FileInputStream fis = null;
 
         try {
-          fileName = org.owasp.benchmark.helpers.Utils.TESTFILES_DIR + param;
-          fis = new java.io.FileInputStream(new java.io.File(fileName));
-          byte[] b = new byte[1000];
-          int size = fis.read(b);
-          response.getWriter().println(
-            "The beginning of file: '" + org.owasp.esapi.ESAPI.encoder().encodeForHTML(fileName)
-              + "' is:\n\n" + org.owasp.esapi.ESAPI.encoder().encodeForHTML(new String(b,0,size))
-          );
+            fileName = org.owasp.benchmark.helpers.Utils.TESTFILES_DIR + param;
+            fis = new java.io.FileInputStream(new java.io.File(fileName));
+            byte[] b = new byte[1000];
+            int size = fis.read(b);
+            response.getWriter()
+                    .println(
+                            "The beginning of file: '"
+                                    + org.owasp.esapi.ESAPI.encoder().encodeForHTML(fileName)
+                                    + "' is:\n\n"
+                                    + org.owasp
+                                            .esapi
+                                            .ESAPI
+                                            .encoder()
+                                            .encodeForHTML(new String(b, 0, size)));
         } catch (Exception e) {
             System.out.println("Couldn't open FileInputStream on file: '" + fileName + "'");
-            response.getWriter().println(
-              "Problem getting FileInputStream: "
-                 + org.owasp.esapi.ESAPI.encoder().encodeForHTML(e.getMessage())
-            );
+            response.getWriter()
+                    .println(
+                            "Problem getting FileInputStream: "
+                                    + org.owasp
+                                            .esapi
+                                            .ESAPI
+                                            .encoder()
+                                            .encodeForHTML(e.getMessage()));
         } finally {
             if (fis != null) {
                 try {
@@ -91,6 +101,5 @@ public void doPost(HttpServletRequest request, HttpServletResponse response) thr
                 }
             }
         }
-	}
-	
+    }
 }
@@ -1,7 +1,7 @@
 <test-metadata>
-  <benchmark-version>1.2</benchmark-version>
-  <category>pathtraver</category>
-  <test-number>00001</test-number>
-  <vulnerability>true</vulnerability>
-  <cwe>22</cwe>
+    <benchmark-version>1.2</benchmark-version>
+    <category>pathtraver</category>
+    <test-number>00001</test-number>
+    <vulnerability>true</vulnerability>
+    <cwe>22</cwe>
 </test-metadata>
@@ -1,92 +1,92 @@
 /**
-* OWASP Benchmark v1.2
-*
-* This file is part of the Open Web Application Security Project (OWASP)
-* Benchmark Project. For details, please see
-* <a href="https://owasp.org/www-project-benchmark/">https://owasp.org/www-project-benchmark/</a>.
-*
-* The OWASP Benchmark is free software: you can redistribute it and/or modify it under the terms
-* of the GNU General Public License as published by the Free Software Foundation, version 2.
-*
-* The OWASP Benchmark is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without
-* even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-* GNU General Public License for more details.
-*
-* @author Dave Wichers
-* @created 2015
-*/
-
+ * OWASP Benchmark v1.2
+ *
+ * <p>This file is part of the Open Web Application Security Project (OWASP) Benchmark Project. For
+ * details, please see <a
+ * href="https://owasp.org/www-project-benchmark/">https://owasp.org/www-project-benchmark/</a>.
+ *
+ * <p>The OWASP Benchmark is free software: you can redistribute it and/or modify it under the terms
+ * of the GNU General Public License as published by the Free Software Foundation, version 2.
+ *
+ * <p>The OWASP Benchmark is distributed in the hope that it will be useful, but WITHOUT ANY
+ * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
+ * PURPOSE. See the GNU General Public License for more details.
+ *
+ * @author Dave Wichers
+ * @created 2015
+ */
 package org.owasp.benchmark.testcode;
 
 import java.io.IOException;
-
 import javax.servlet.ServletException;
 import javax.servlet.annotation.WebServlet;
 import javax.servlet.http.HttpServlet;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
-@WebServlet(value="/pathtraver-00/BenchmarkTest00002")
+@WebServlet(value = "/pathtraver-00/BenchmarkTest00002")
 public class BenchmarkTest00002 extends HttpServlet {
-	
-	private static final long serialVersionUID = 1L;
-	
-	@Override
-	public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
-		response.setContentType("text/html;charset=UTF-8");
-		javax.servlet.http.Cookie userCookie = new javax.servlet.http.Cookie("BenchmarkTest00002", "FileName");
-		userCookie.setMaxAge(60*3); //Store cookie for 3 minutes
-		userCookie.setSecure(true);
-		userCookie.setPath(request.getRequestURI());
-		userCookie.setDomain(new java.net.URL(request.getRequestURL().toString()).getHost());
-		response.addCookie(userCookie);
-		javax.servlet.RequestDispatcher rd = request.getRequestDispatcher("/pathtraver-00/BenchmarkTest00002.html");
-		rd.include(request, response);
-	}
 
-	@Override
-	public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
-		// some code
-		response.setContentType("text/html;charset=UTF-8");
-		
+    private static final long serialVersionUID = 1L;
+
+    @Override
+    public void doGet(HttpServletRequest request, HttpServletResponse response)
+            throws ServletException, IOException {
+        response.setContentType("text/html;charset=UTF-8");
+        javax.servlet.http.Cookie userCookie =
+                new javax.servlet.http.Cookie("BenchmarkTest00002", "FileName");
+        userCookie.setMaxAge(60 * 3); // Store cookie for 3 minutes
+        userCookie.setSecure(true);
+        userCookie.setPath(request.getRequestURI());
+        userCookie.setDomain(new java.net.URL(request.getRequestURL().toString()).getHost());
+        response.addCookie(userCookie);
+        javax.servlet.RequestDispatcher rd =
+                request.getRequestDispatcher("/pathtraver-00/BenchmarkTest00002.html");
+        rd.include(request, response);
+    }
+
+    @Override
+    public void doPost(HttpServletRequest request, HttpServletResponse response)
+            throws ServletException, IOException {
+        // some code
+        response.setContentType("text/html;charset=UTF-8");
+
+        javax.servlet.http.Cookie[] theCookies = request.getCookies();
+
+        String param = "noCookieValueSupplied";
+        if (theCookies != null) {
+            for (javax.servlet.http.Cookie theCookie : theCookies) {
+                if (theCookie.getName().equals("BenchmarkTest00002")) {
+                    param = java.net.URLDecoder.decode(theCookie.getValue(), "UTF-8");
+                    break;
+                }
+            }
+        }
 
-		javax.servlet.http.Cookie[] theCookies = request.getCookies();
-		
-		String param = "noCookieValueSupplied";
-		if (theCookies != null) {
-			for (javax.servlet.http.Cookie theCookie : theCookies) {
-				if (theCookie.getName().equals("BenchmarkTest00002")) {
-					param = java.net.URLDecoder.decode(theCookie.getValue(), "UTF-8");
-					break;
-				}
-			}
-		}
+        String fileName = null;
+        java.io.FileOutputStream fos = null;
 
-		
-		String fileName = null;
-		java.io.FileOutputStream fos = null;
+        try {
+            fileName = org.owasp.benchmark.helpers.Utils.TESTFILES_DIR + param;
 
-		try {
-			fileName = org.owasp.benchmark.helpers.Utils.TESTFILES_DIR + param;
-	
-			fos = new java.io.FileOutputStream(fileName, false);
-	        response.getWriter().println(
-			"Now ready to write to file: " + org.owasp.esapi.ESAPI.encoder().encodeForHTML(fileName)
-);
+            fos = new java.io.FileOutputStream(fileName, false);
+            response.getWriter()
+                    .println(
+                            "Now ready to write to file: "
+                                    + org.owasp.esapi.ESAPI.encoder().encodeForHTML(fileName));
 
-		} catch (Exception e) {
-			System.out.println("Couldn't open FileOutputStream on file: '" + fileName + "'");
-//			System.out.println("File exception caught and swallowed: " + e.getMessage());
-		} finally {
-			if (fos != null) {
-				try {
-					fos.close();
+        } catch (Exception e) {
+            System.out.println("Couldn't open FileOutputStream on file: '" + fileName + "'");
+            //			System.out.println("File exception caught and swallowed: " + e.getMessage());
+        } finally {
+            if (fos != null) {
+                try {
+                    fos.close();
                     fos = null;
-				} catch (Exception e) {
-					// we tried...
-				}
-			}
-		}
-	}
-	
+                } catch (Exception e) {
+                    // we tried...
+                }
+            }
+        }
+    }
 }
@@ -1,7 +1,7 @@
 <test-metadata>
-  <benchmark-version>1.2</benchmark-version>
-  <category>pathtraver</category>
-  <test-number>00002</test-number>
-  <vulnerability>true</vulnerability>
-  <cwe>22</cwe>
+    <benchmark-version>1.2</benchmark-version>
+    <category>pathtraver</category>
+    <test-number>00002</test-number>
+    <vulnerability>true</vulnerability>
+    <cwe>22</cwe>
 </test-metadata>