C# (CSharp) testcases.CWE113_HTTP_Response_Splitting CWE113_HTTP_Response_Splitting__Web_ReadLine_addCookie_61b примеры использования

Пример #1

        /* goodB2G() - use badsource and goodsink */
        private static void GoodB2G(HttpRequest req, HttpResponse resp)
        {
            string data = CWE113_HTTP_Response_Splitting__Web_ReadLine_addCookie_61b.GoodB2GSource(req, resp);

            if (data != null)
            {
                HttpCookie cookieSink = new HttpCookie("lang", HttpUtility.UrlEncode(data, Encoding.UTF8));
                /* FIX: use URLEncoder.encode to hex-encode non-alphanumerics */
                resp.AppendCookie(cookieSink);
            }
        }

Пример #2

        /* goodG2B() - use goodsource and badsink */
        private static void GoodG2B(HttpRequest req, HttpResponse resp)
        {
            string data = CWE113_HTTP_Response_Splitting__Web_ReadLine_addCookie_61b.GoodG2BSource(req, resp);

            if (data != null)
            {
                HttpCookie cookieSink = new HttpCookie("lang", data);
                /* POTENTIAL FLAW: Input not verified before inclusion in the cookie */
                resp.AppendCookie(cookieSink);
            }
        }