Change the secure random tests to restrict the cookies they generate to just the page they came from.

Fix some unintentional DOM XSS issues in the UI.

Author: davewichers

src/main/java/org/owasp/benchmark/testcode/BenchmarkTest00010.java

@@ -73,20 +73,24 @@ public void doPost(HttpServletRequest request, HttpServletResponse response) thr
 
 			boolean foundUser = false;
 			javax.servlet.http.Cookie[] cookies = request.getCookies();
-			for (int i = 0; cookies != null && ++i < cookies.length && !foundUser;) {
-				javax.servlet.http.Cookie cookie = cookies[i];
-				if (cookieName.equals(cookie.getName())) {
-					if (cookie.getValue().equals(request.getSession().getAttribute(cookieName))) {
-						foundUser = true;
+			if (cookies != null) {
+				for (int i = 0; !foundUser && i < cookies.length; i++) {
+					javax.servlet.http.Cookie cookie = cookies[i];
+					if (cookieName.equals(cookie.getName())) {
+						if (cookie.getValue().equals(request.getSession().getAttribute(cookieName))) {
+							foundUser = true;
+						}
 					}
 				}
 			}
+
 
 			if (foundUser) {
 				response.getWriter().println("Welcome back: " + user + "<br/>");			
 			} else {			
 				javax.servlet.http.Cookie rememberMe = new javax.servlet.http.Cookie(cookieName, rememberMeKey);
 				rememberMe.setSecure(true);
+				rememberMe.setPath("/benchmark/" + this.getClass().getSimpleName());
 				request.getSession().setAttribute(cookieName, rememberMeKey);
 				response.addCookie(rememberMe);
 				response.getWriter().println(user + " has been remembered with cookie: " + rememberMe.getName() 

src/main/java/org/owasp/benchmark/testcode/BenchmarkTest00016.java

@@ -64,6 +64,7 @@ public void doPost(HttpServletRequest request, HttpServletResponse response) thr
 		javax.servlet.http.Cookie cookie = new javax.servlet.http.Cookie("SomeCookie", str);
 
 		cookie.setSecure(true);
+		cookie.setPath("/benchmark/" + this.getClass().getSimpleName());
 
 		response.addCookie(cookie);
 

src/main/java/org/owasp/benchmark/testcode/BenchmarkTest00023.java

@@ -58,11 +58,13 @@ public void doPost(HttpServletRequest request, HttpServletResponse response) thr
 
 		boolean foundUser = false;
 		javax.servlet.http.Cookie[] cookies = request.getCookies();
-		for (int i = 0; cookies != null && ++i < cookies.length && !foundUser;) {
-			javax.servlet.http.Cookie cookie = cookies[i];
-			if (cookieName.equals(cookie.getName())) {
-				if (cookie.getValue().equals(request.getSession().getAttribute(cookieName))) {
-					foundUser = true;
+		if (cookies != null) {
+			for (int i = 0; !foundUser && i < cookies.length; i++) {
+				javax.servlet.http.Cookie cookie = cookies[i];
+				if (cookieName.equals(cookie.getName())) {
+					if (cookie.getValue().equals(request.getSession().getAttribute(cookieName))) {
+						foundUser = true;
+					}
 				}
 			}
 		}
@@ -72,6 +74,7 @@ public void doPost(HttpServletRequest request, HttpServletResponse response) thr
 		} else {			
 			javax.servlet.http.Cookie rememberMe = new javax.servlet.http.Cookie(cookieName, rememberMeKey);
 			rememberMe.setSecure(true);
+            rememberMe.setPath("/benchmark/" + this.getClass().getSimpleName());
 			request.getSession().setAttribute(cookieName, rememberMeKey);
 			response.addCookie(rememberMe);
 			response.getWriter().println(user + " has been remembered with cookie: " + rememberMe.getName() 

src/main/java/org/owasp/benchmark/testcode/BenchmarkTest00042.java

@@ -60,20 +60,24 @@ public void doPost(HttpServletRequest request, HttpServletResponse response) thr
 
 			boolean foundUser = false;
 			javax.servlet.http.Cookie[] cookies = request.getCookies();
-			for (int i = 0; cookies != null && ++i < cookies.length && !foundUser;) {
-				javax.servlet.http.Cookie cookie = cookies[i];
-				if (cookieName.equals(cookie.getName())) {
-					if (cookie.getValue().equals(request.getSession().getAttribute(cookieName))) {
-						foundUser = true;
+			if (cookies != null) {
+				for (int i = 0; !foundUser && i < cookies.length; i++) {
+					javax.servlet.http.Cookie cookie = cookies[i];
+					if (cookieName.equals(cookie.getName())) {
+						if (cookie.getValue().equals(request.getSession().getAttribute(cookieName))) {
+							foundUser = true;
+						}
 					}
 				}
 			}
+
 
 			if (foundUser) {
 				response.getWriter().println("Welcome back: " + user + "<br/>");			
 			} else {			
 				javax.servlet.http.Cookie rememberMe = new javax.servlet.http.Cookie(cookieName, rememberMeKey);
 				rememberMe.setSecure(true);
+				rememberMe.setPath("/benchmark/" + this.getClass().getSimpleName());
 				request.getSession().setAttribute(cookieName, rememberMeKey);
 				response.addCookie(rememberMe);
 				response.getWriter().println(user + " has been remembered with cookie: " + rememberMe.getName() 

src/main/java/org/owasp/benchmark/testcode/BenchmarkTest00059.java

@@ -53,8 +53,8 @@ public void doPost(HttpServletRequest request, HttpServletResponse response) thr
 		}
 
 
-		StringBuilder sbxyz94707 = new StringBuilder(param);
-		String bar = sbxyz94707.append("_SafeStuff").toString();
+		StringBuilder sbxyz54487 = new StringBuilder(param);
+		String bar = sbxyz54487.append("_SafeStuff").toString();
 
 
 		// Code based on example from:

src/main/java/org/owasp/benchmark/testcode/BenchmarkTest00062.java

@@ -54,11 +54,11 @@ public void doPost(HttpServletRequest request, HttpServletResponse response) thr
 
 
 		String bar = "safe!";
-		java.util.HashMap<String,Object> map92865 = new java.util.HashMap<String,Object>();
-		map92865.put("keyA-92865", "a Value"); // put some stuff in the collection
-		map92865.put("keyB-92865", param); // put it in a collection
-		map92865.put("keyC", "another Value"); // put some stuff in the collection
-		bar = (String)map92865.get("keyB-92865"); // get it back out
+		java.util.HashMap<String,Object> map57069 = new java.util.HashMap<String,Object>();
+		map57069.put("keyA-57069", "a Value"); // put some stuff in the collection
+		map57069.put("keyB-57069", param); // put it in a collection
+		map57069.put("keyC", "another Value"); // put some stuff in the collection
+		bar = (String)map57069.get("keyB-57069"); // get it back out
 
 
 		String fileName = null;

src/main/java/org/owasp/benchmark/testcode/BenchmarkTest00066.java

@@ -88,6 +88,7 @@ public void doPost(HttpServletRequest request, HttpServletResponse response) thr
 		} else {			
 			javax.servlet.http.Cookie rememberMe = new javax.servlet.http.Cookie(cookieName, rememberMeKey);
 			rememberMe.setSecure(true);
+			rememberMe.setPath("/benchmark/" + this.getClass().getSimpleName());
 			request.getSession().setAttribute(cookieName, rememberMeKey);
 			response.addCookie(rememberMe);
 			response.getWriter().println(user + " has been remembered with cookie: " + rememberMe.getName() 

src/main/java/org/owasp/benchmark/testcode/BenchmarkTest00067.java

@@ -54,20 +54,20 @@ public void doPost(HttpServletRequest request, HttpServletResponse response) thr
 
 
 		// Chain a bunch of propagators in sequence
-		String a19312 = param; //assign
-		StringBuilder b19312 = new StringBuilder(a19312);  // stick in stringbuilder
-		b19312.append(" SafeStuff"); // append some safe content
-		b19312.replace(b19312.length()-"Chars".length(),b19312.length(),"Chars"); //replace some of the end content
-		java.util.HashMap<String,Object> map19312 = new java.util.HashMap<String,Object>();
-		map19312.put("key19312", b19312.toString()); // put in a collection
-		String c19312 = (String)map19312.get("key19312"); // get it back out
-		String d19312 = c19312.substring(0,c19312.length()-1); // extract most of it
-		String e19312 = new String( new sun.misc.BASE64Decoder().decodeBuffer( 
-		    new sun.misc.BASE64Encoder().encode( d19312.getBytes() ) )); // B64 encode and decode it
-		String f19312 = e19312.split(" ")[0]; // split it on a space
+		String a38294 = param; //assign
+		StringBuilder b38294 = new StringBuilder(a38294);  // stick in stringbuilder
+		b38294.append(" SafeStuff"); // append some safe content
+		b38294.replace(b38294.length()-"Chars".length(),b38294.length(),"Chars"); //replace some of the end content
+		java.util.HashMap<String,Object> map38294 = new java.util.HashMap<String,Object>();
+		map38294.put("key38294", b38294.toString()); // put in a collection
+		String c38294 = (String)map38294.get("key38294"); // get it back out
+		String d38294 = c38294.substring(0,c38294.length()-1); // extract most of it
+		String e38294 = new String( new sun.misc.BASE64Decoder().decodeBuffer( 
+		    new sun.misc.BASE64Encoder().encode( d38294.getBytes() ) )); // B64 encode and decode it
+		String f38294 = e38294.split(" ")[0]; // split it on a space
 		org.owasp.benchmark.helpers.ThingInterface thing = org.owasp.benchmark.helpers.ThingFactory.createThing();
-		String g19312 = "barbarians_at_the_gate";  // This is static so this whole flow is 'safe'
-		String bar = thing.doSomething(g19312); // reflection
+		String g38294 = "barbarians_at_the_gate";  // This is static so this whole flow is 'safe'
+		String bar = thing.doSomething(g38294); // reflection
 
 
 		double value = java.lang.Math.random();
@@ -96,6 +96,7 @@ public void doPost(HttpServletRequest request, HttpServletResponse response) thr
 		} else {			
 			javax.servlet.http.Cookie rememberMe = new javax.servlet.http.Cookie(cookieName, rememberMeKey);
 			rememberMe.setSecure(true);
+			rememberMe.setPath("/benchmark/" + this.getClass().getSimpleName());
 			request.getSession().setAttribute(cookieName, rememberMeKey);
 			response.addCookie(rememberMe);
 			response.getWriter().println(user + " has been remembered with cookie: " + rememberMe.getName() 

src/main/java/org/owasp/benchmark/testcode/BenchmarkTest00068.java

@@ -88,6 +88,7 @@ public void doPost(HttpServletRequest request, HttpServletResponse response) thr
 		} else {			
 			javax.servlet.http.Cookie rememberMe = new javax.servlet.http.Cookie(cookieName, rememberMeKey);
 			rememberMe.setSecure(true);
+			rememberMe.setPath("/benchmark/" + this.getClass().getSimpleName());
 			request.getSession().setAttribute(cookieName, rememberMeKey);
 			response.addCookie(rememberMe);
 			response.getWriter().println(user + " has been remembered with cookie: " + rememberMe.getName() 

src/main/java/org/owasp/benchmark/testcode/BenchmarkTest00074.java

@@ -54,11 +54,11 @@ public void doPost(HttpServletRequest request, HttpServletResponse response) thr
 
 
 		String bar = "safe!";
-		java.util.HashMap<String,Object> map36265 = new java.util.HashMap<String,Object>();
-		map36265.put("keyA-36265", "a Value"); // put some stuff in the collection
-		map36265.put("keyB-36265", param); // put it in a collection
-		map36265.put("keyC", "another Value"); // put some stuff in the collection
-		bar = (String)map36265.get("keyB-36265"); // get it back out
+		java.util.HashMap<String,Object> map95031 = new java.util.HashMap<String,Object>();
+		map95031.put("keyA-95031", "a Value"); // put some stuff in the collection
+		map95031.put("keyB-95031", param); // put it in a collection
+		map95031.put("keyC", "another Value"); // put some stuff in the collection
+		bar = (String)map95031.get("keyB-95031"); // get it back out
 
 
 		try {